urlscan.io logo urlscan.io
SecurityTrails logo

skypost.ulifestyle.com.hk Open in urlscan Pro
118.143.30.166  Public Scan

Go To Rescan Add Verdict Report
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Submission: On November 23 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 125 IPs in 13 countries across 83 domains to perform 729 HTTP transactions. The main IP is 118.143.30.166, located in Kowloon, Hong Kong and belongs to HUTCHISON-AS-AP HGC Global Communications Limited, HK. The main domain is skypost.ulifestyle.com.hk. The Cisco Umbrella rank of the primary domain is 576303.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on June 20th 2023. Valid for: a year.
This is the only time skypost.ulifestyle.com.hk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
78 118.143.30.166 9304 (HUTCHISON...)
1 118.143.30.151 9304 (HUTCHISON...)
8 65.9.66.75 16509 (AMAZON-02)
8 2606:4700::68... 13335 (CLOUDFLAR...)
4 2606:50c0:800... 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 18.245.60.76 16509 (AMAZON-02)
4 2a03:2880:f08... 32934 (FACEBOOK)
28 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
31 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 3 2a03:2880:f17... 32934 (FACEBOOK)
1 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:3::3 44788 (ASN-CRITE...)
2 65.9.66.104 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 52.48.81.28 16509 (AMAZON-02)
4 141.95.98.64 16276 (OVH)
2 6 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
2 16.163.169.164 16509 (AMAZON-02)
1 4 35.244.159.8 396982 (GOOGLE-CL...)
1 21 2a00:1450:400... 15169 (GOOGLE)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 151.101.195.52 54113 (FASTLY)
3 108.138.1.25 16509 (AMAZON-02)
4 34.107.231.31 396982 (GOOGLE-CL...)
2 13.215.0.207 16509 (AMAZON-02)
1 18.66.112.106 16509 (AMAZON-02)
43 2a00:1450:400... 15169 (GOOGLE)
13 2600:9000:249... 16509 (AMAZON-02)
1 99.86.4.128 16509 (AMAZON-02)
1 2600:9000:224... 16509 (AMAZON-02)
1 2.23.78.67 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
4 108.138.9.235 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
13 104.22.69.131 13335 (CLOUDFLAR...)
1 6 145.40.97.66 54825 (PACKET)
3 2a0c:5c87:524... 55081 (24SHELLS)
5 185.86.139.58 201081 (SMARTADSE...)
5 2606:4700:440... 13335 (CLOUDFLAR...)
5 2602:803:c003... 26667 (RUBICONPR...)
5 185.64.189.112 62713 (AS-PUBMATIC)
6 31 185.89.210.212 29990 (ASN-APPNEX)
8 96.46.186.57 7979 (SERVERS-COM)
5 2a02:2638:3::7 44788 (ASN-CRITE...)
8 216.52.2.48 30282 (AS-INAPCD...)
5 185.106.140.18 7979 (SERVERS-COM)
5 34.120.63.153 396982 (GOOGLE-CL...)
6 192.96.203.13 30633 (LEASEWEB-...)
9 51.38.120.206 16276 (OVH)
5 18.198.246.226 16509 (AMAZON-02)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 34.95.69.49 396982 (GOOGLE-CL...)
3 184.30.21.51 16625 (AKAMAI-AS)
8 2a0c:5c87:523... 55081 (24SHELLS)
2 162.19.138.116 16276 (OVH)
4 2602:803:c004... 26667 (RUBICONPR...)
1 15 69.173.144.165 26667 (RUBICONPR...)
5 151.101.129.108 54113 (FASTLY)
13 185.89.210.20 29990 (ASN-APPNEX)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
9 11 142.250.185.130 15169 (GOOGLE)
1 184.30.17.243 16625 (AKAMAI-AS)
2 19 37.157.4.28 198622 (ADFORM)
11 2600:9000:223... 16509 (AMAZON-02)
1 35.241.31.249 396982 (GOOGLE-CL...)
4 142.250.186.166 15169 (GOOGLE)
4 144.76.104.53 24940 (HETZNER-AS)
1 8 144.76.238.55 24940 (HETZNER-AS)
1 2620:1ec:46::45 8075 (MICROSOFT...)
4 37.252.171.53 29990 (ASN-APPNEX)
2 5 2a02:26f0:f50... 20940 (AKAMAI-ASN1)
2 2a01:4f8:242:... 24940 (HETZNER-AS)
2 67.202.105.22 32748 (STEADFAST)
1 2 193.3.178.4 399668 (E-PLANNING-)
7 184.30.16.195 16625 (AKAMAI-AS)
1 1 2.18.160.23 16625 (AKAMAI-AS)
7 185.83.71.234 55081 (24SHELLS)
2 2a0c:5c87:523... 55081 (24SHELLS)
5 2a02:6ea0:c70... 60068 (CDN77 ^_^)
4 4 46.228.174.117 56396 (AMOBEE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
4 198.47.127.19 3257 (GTT-BACKB...)
4 151.101.193.108 54113 (FASTLY)
12 95.101.149.233 16625 (AKAMAI-AS)
68 37.157.5.71 198622 (ADFORM)
12 2606:4700::68... 13335 (CLOUDFLAR...)
4 6 104.18.36.155 13335 (CLOUDFLAR...)
3 88.99.219.174 24940 (HETZNER-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 185.64.191.210 62713 (AS-PUBMATIC)
2 2.16.97.41 16625 (AKAMAI-AS)
3 159.69.70.9 24940 (HETZNER-AS)
2 44.231.226.65 16509 (AMAZON-02)
1 35.244.193.51 15169 (GOOGLE)
1 131.153.158.209 60558 (SECUREDSE...)
1 15.197.193.217 16509 (AMAZON-02)
1 184.30.20.22 16625 (AKAMAI-AS)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 76.223.111.18 16509 (AMAZON-02)
3 3.127.95.101 16509 (AMAZON-02)
1 1 5.200.43.243 48096 (ITGRAD)
1 194.55.244.181 34959 (PROCLOUD ...)
1 151.236.118.210 204720 (CDNETWORKS)
1 1 8.2.110.113 46636 (NATCOWEB)
3 209.192.201.180 7979 (SERVERS-COM)
1 2 185.86.139.102 201081 (SMARTADSE...)
2 3 185.184.8.90 204995 (RTB-HOUSE...)
1 1 35.227.252.103 396982 (GOOGLE-CL...)
1 212.36.83.246 15699 (AS_ADAM A...)
1 52.19.208.136 16509 (AMAZON-02)
3 3 31.172.81.159 44066 (DE-FIRSTC...)
2 2 89.108.119.28 197695 (AS-REG)
1 2 2a02:6b8::90 208722 (GLOBAL_DC)
1 1 70.42.32.31 22075 (AS-OUTBRAIN)
1 1 23.201.255.110 16625 (AKAMAI-AS)
1 2 2001:6d0:4001... 52016 (ADFACT)
1 98.98.134.241 ()
729 125
78    118.143.30.166 (Kowloon, Hong Kong)

ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)
skypost.ulifestyle.com.hk
1    118.143.30.151 (Kowloon, Hong Kong)

ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)
beauty.ulifestyle.com.hk
8    65.9.66.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-75.fra56.r.cloudfront.net
resource01-proxy.ulifestyle.com.hk
8    2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
4    2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)
googleads.github.io
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    18.245.60.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-76.fra60.r.cloudfront.net
sb.scorecardresearch.com
4    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
28    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
13    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
31    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
9    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:2400:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
2    2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
8    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
59362a77c0aa6d870809addf552816bc.safeframe.googlesyndication.com
1    2a00:1450:400c:c06::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    52.48.81.28 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
4    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
6    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
2    16.163.169.164 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-163-169-164.ap-east-1.compute.amazonaws.com
dw.hketgroup.com
4    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
google-bidout-d.openx.net
us-u.openx.net
u.openx.net
21    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
rtbdemand.apiip.net
1    151.101.195.52 (United States)

ASN54113 (FASTLY, US)
rtbpass.andbeyond.media
3    108.138.1.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com
4    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
2    13.215.0.207 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-0-207.ap-southeast-1.compute.amazonaws.com
prebid.andbeyond.media
1    18.66.112.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-106.fra56.r.cloudfront.net
viselb01.hket.com
43    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    2600:9000:2491:9a00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)
rumcdn.geoedge.be
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
1    2600:9000:2240:2e00:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
1    2.23.78.67 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-78-67.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    2606:4700:10::6816:34ad (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
4    108.138.9.235 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-9-235.fra56.r.cloudfront.net
aax.amazon-adsystem.com
2    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
13    104.22.69.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
6    145.40.97.66 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
3    2a0c:5c87:5241::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
ghb2.adtelligent.com
5    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg-apac.smartadserver.com
5    2606:4700:4400::ac40:994e (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
5    2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
31    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
8    96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
5    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
8    216.52.2.48 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
5    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
5    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
6    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
sync.aralego.com
9    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
5    18.198.246.226 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-246-226.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
4    2606:4700:20::681a:a19 (United States)

ASN13335 (CLOUDFLARENET, US)
rtb.adpone.com
1    2606:4700::6812:1691 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
1    2606:4700:10::6816:545 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
3    184.30.21.51 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-21-51.deploy.static.akamaitechnologies.com
a.teads.tv
8    2a0c:5c87:5239::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb1.adtelligent.com
ads54.adtelligent.com
2    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
lb.eu-1-id5-sync.com
4    2602:803:c004:200::154 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2.rubiconproject.com
15    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
5    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
13    185.89.210.20 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ams3-ib.adnxs.com
1    2606:4700:10::6816:4192 (United States)

ASN13335 (CLOUDFLARENET, US)
j.adlooxtracking.com
11    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
cm.g.doubleclick.net
1    184.30.17.243 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-243.deploy.static.akamaitechnologies.com
ad.yieldlab.net
19    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
11    2600:9000:223d:2a00:10:43f:4352:ad61 (United States)

ASN16509 (AMAZON-02, US)
gw.geoedge.be
1    35.241.31.249 (Mountain View, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.31.241.35.bc.googleusercontent.com
data00.adlooxtracking.com
4    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
4    144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
hal9000.redintelligence.net
8    144.76.238.55 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.238.76.144.clients.your-server.de
hal900021.redintelligence.net
1    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
4    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
fra1-ib.adnxs.com
5    2a02:26f0:f500:6::216:5bd4 (Munich, Germany)

ASN20940 (AKAMAI-ASN1, NL)
www.bing.com
2    2a01:4f8:242:57ce::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
s.console.adtarget.com.tr
2    67.202.105.22 (United States)

ASN32748 (STEADFAST, US)
PTR: ip22.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
2    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
7    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
7    185.83.71.234 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
2    2a0c:5c87:5237::2 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
s.adtelligent.com
5    2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
vid.vidoomy.com
vpaid.vidoomy.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
4    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
12    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
68    37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
12    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum.casalemedia.com
3    88.99.219.174 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.174.219.99.88.clients.your-server.de
hal900029.redintelligence.net
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
2    2.16.97.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com
sync.teads.tv
3    159.69.70.9 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de
hal900017.redintelligence.net
2    44.231.226.65 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-226-65.us-west-2.compute.amazonaws.com
prod.tahoe-analytics.publishers.advertising.a2z.com
1    35.244.193.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.193.244.35.bc.googleusercontent.com
lexicon.33across.com
1    131.153.158.209 (Amsterdam, Netherlands)

ASN60558 (SECUREDSERVERS-EU, US)
id.a-mx.com
1    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    2606:4700:e2::ac40:8513 (United States)

ASN13335 (CLOUDFLARENET, US)
adxbid.info
1    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
3    3.127.95.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-95-101.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    5.200.43.243 (Russian Federation)

ASN48096 (ITGRAD, RU)
ads.adlook.me
1    194.55.244.181 (Moscow, Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)
sync.dmp.otm-r.com
1    151.236.118.210 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)
cache.betweendigital.com
1    8.2.110.113 (United States)

ASN46636 (NATCOWEB, US)
as.ck-ie.com
3    209.192.201.180 (United States)

ASN7979 (SERVERS-COM, US)
user-sync.adxpremium.services
2    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    35.227.252.103 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
1    212.36.83.246 (Sant Vicenç dels Horts, Spain)

ASN15699 (AS_ADAM Adam Datacenter, ES)
PTR: lb2.vdmy.dtic.es
a.vidoomy.com
1    52.19.208.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-208-136.eu-west-1.compute.amazonaws.com
ice.360yield.com
3    31.172.81.159 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
sync.bumlam.com
2    89.108.119.28 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d51802.reg.regrucolo.ru
x01.aidata.io
2    2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
an.yandex.ru
1    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
2    2001:6d0:4001::226 (Russian Federation)

ASN52016 (ADFACT, RU)
www.tns-counter.ru
1    98.98.134.241 (None, )

ASN- ()
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
87 adform.net
cm.adform.net — Cisco Umbrella Rank: 1267
track.adform.net — Cisco Umbrella Rank: 4256
s1.adform.net — Cisco Umbrella Rank: 9253
786 KB
87 ulifestyle.com.hk
skypost.ulifestyle.com.hk — Cisco Umbrella Rank: 576303
beauty.ulifestyle.com.hk — Cisco Umbrella Rank: 736032
resource01-proxy.ulifestyle.com.hk — Cisco Umbrella Rank: 458423
1 MB
72 googlesyndication.com
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
59362a77c0aa6d870809addf552816bc.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
569 KB
57 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
cdn.adnxs.com — Cisco Umbrella Rank: 1682
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903
fra1-ib.adnxs.com — Cisco Umbrella Rank: 7940
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
352 KB
56 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
502 KB
37 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
beacon-fra2.rubiconproject.com — Cisco Umbrella Rank: 11698
token.rubiconproject.com — Cisco Umbrella Rank: 458
eus.rubiconproject.com — Cisco Umbrella Rank: 602
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
91 KB
28 gstatic.com
fonts.gstatic.com
3 MB
25 geoedge.be
rumcdn.geoedge.be — Cisco Umbrella Rank: 2295
wrappers.geoedge.be — Cisco Umbrella Rank: 21126
gw.geoedge.be — Cisco Umbrella Rank: 2817
1 MB
20 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5236
ghb1.adtelligent.com — Cisco Umbrella Rank: 7260
ghb2.adtelligent.com — Cisco Umbrella Rank: 9094
ads54.adtelligent.com — Cisco Umbrella Rank: 85179
sync.adtelligent.com — Cisco Umbrella Rank: 3489
s.adtelligent.com — Cisco Umbrella Rank: 5924
29 KB
18 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 38186
hal900021.redintelligence.net — Cisco Umbrella Rank: 239187
hal900029.redintelligence.net — Cisco Umbrella Rank: 230770
hal900017.redintelligence.net — Cisco Umbrella Rank: 252096
34 KB
17 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
image2.pubmatic.com — Cisco Umbrella Rank: 924
42 KB
13 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
17 KB
13 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
795 KB
12 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
100 KB
11 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
bidder.criteo.com — Cisco Umbrella Rank: 757
17 KB
9 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
2 KB
9 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1638
cache.betweendigital.com — Cisco Umbrella Rank: 31780
6 KB
8 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
2 KB
8 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 9542
user-sync.adxpremium.services — Cisco Umbrella Rank: 12287
13 KB
8 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
3 KB
8 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
73 KB
8 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
225 KB
7 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
hbx.media.net — Cisco Umbrella Rank: 1337
contextual.media.net — Cisco Umbrella Rank: 691
10 KB
7 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10357
sync.smartadserver.com — Cisco Umbrella Rank: 1330
3 KB
7 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1523
mp.4dex.io — Cisco Umbrella Rank: 2070
28 KB
7 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1656
google-bidout-d.openx.net — Cisco Umbrella Rank: 1665
us-u.openx.net — Cisco Umbrella Rank: 522
rtb.openx.net — Cisco Umbrella Rank: 695
u.openx.net — Cisco Umbrella Rank: 659
2 KB
6 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
ssum.casalemedia.com — Cisco Umbrella Rank: 1451
3 KB
6 vidoomy.com
vid.vidoomy.com — Cisco Umbrella Rank: 2189
vpaid.vidoomy.com — Cisco Umbrella Rank: 3034
a.vidoomy.com — Cisco Umbrella Rank: 2658
39 KB
6 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 28573
sync.aralego.com — Cisco Umbrella Rank: 3112
1 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
1 KB
6 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 24339
j.adlooxtracking.com — Cisco Umbrella Rank: 13670
data00.adlooxtracking.com — Cisco Umbrella Rank: 11098
31 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 863
id5-sync.com — Cisco Umbrella Rank: 440
70 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 66
17 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
sync.teads.tv — Cisco Umbrella Rank: 1403
1 KB
5 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
256 KB
4 adpone.com
rtb.adpone.com — Cisco Umbrella Rank: 20655
3 KB
4 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 976
bcp.crwdcntrl.net — Cisco Umbrella Rank: 887
24 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
176 KB
4 github.io
googleads.github.io — Cisco Umbrella Rank: 65115
31 KB
3 bumlam.com
sync.bumlam.com — Cisco Umbrella Rank: 3997
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 33across.com
ssc-cms.33across.com — Cisco Umbrella Rank: 923
lexicon.33across.com — Cisco Umbrella Rank: 1497
257 B
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
a.ad.gt — Cisco Umbrella Rank: 1844
4 KB
3 andbeyond.media
rtbpass.andbeyond.media — Cisco Umbrella Rank: 48614
prebid.andbeyond.media — Cisco Umbrella Rank: 30387
190 KB
3 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
74 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
2 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
2 tns-counter.ru
www.tns-counter.ru — Cisco Umbrella Rank: 14062
705 B
2 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5085
741 B
2 aidata.io
x01.aidata.io — Cisco Umbrella Rank: 15037
1 KB
2 a2z.com
prod.tahoe-analytics.publishers.advertising.a2z.com — Cisco Umbrella Rank: 2576
373 B
2 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 2776
399 B
2 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 10155
2 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
569 B
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
104 B
2 hketgroup.com
dw.hketgroup.com — Cisco Umbrella Rank: 183557
39 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6862
562 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
176 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
1 sitescout.com
pixel-sync.sitescout.com
187 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 580
310 B
1 360yield.com
ice.360yield.com — Cisco Umbrella Rank: 2116
199 B
1 ck-ie.com
as.ck-ie.com — Cisco Umbrella Rank: 8668
484 B
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 24816
69 B
1 adlook.me
ads.adlook.me — Cisco Umbrella Rank: 35501
328 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
140 B
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
1 KB
1 adxbid.info
adxbid.info — Cisco Umbrella Rank: 12205
3 KB
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
429 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3513
278 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
477 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
434 B
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4948
36 KB
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4925
235 B
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
45 KB
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
17 KB
1 hket.com
viselb01.hket.com — Cisco Umbrella Rank: 183897
673 B
1 apiip.net
rtbdemand.apiip.net — Cisco Umbrella Rank: 28377
438 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1762
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491
3 KB
729 83
Domain Requested by
78 skypost.ulifestyle.com.hk skypost.ulifestyle.com.hk
68 s1.adform.net track.adform.net
s1.adform.net
skypost.ulifestyle.com.hk
43 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
skypost.ulifestyle.com.hk
rumcdn.geoedge.be
pagead2.googlesyndication.com
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
31 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
skypost.ulifestyle.com.hk
rumcdn.geoedge.be
30 ib.adnxs.com 5 redirects rtbpass.andbeyond.media
acdn.adnxs.com
googleads.g.doubleclick.net
28 fonts.gstatic.com fonts.googleapis.com
skypost.ulifestyle.com.hk
21 tpc.googlesyndication.com 1 redirects skypost.ulifestyle.com.hk
securepubads.g.doubleclick.net
tpc.googlesyndication.com
rumcdn.geoedge.be
16 track.adform.net hal900021.redintelligence.net
s1.adform.net
hal900029.redintelligence.net
hal900017.redintelligence.net
13 ams3-ib.adnxs.com rumcdn.geoedge.be
cdn.adnxs.com
13 rumcdn.geoedge.be skypost.ulifestyle.com.hk
rtbpass.andbeyond.media
rumcdn.geoedge.be
13 www.googletagservices.com skypost.ulifestyle.com.hk
securepubads.g.doubleclick.net
rumcdn.geoedge.be
12 cdnjs.cloudflare.com s1.adform.net
12 eus.rubiconproject.com 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
eus.rubiconproject.com
rtbpass.andbeyond.media
cache.betweendigital.com
11 gw.geoedge.be rumcdn.geoedge.be
11 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
11 token.rubiconproject.com 1 redirects rumcdn.geoedge.be
eus.rubiconproject.com
9 onetag-sys.com rtbpass.andbeyond.media
rumcdn.geoedge.be
cache.betweendigital.com
9 googleads.g.doubleclick.net www.googletagmanager.com
rumcdn.geoedge.be
8 hal900021.redintelligence.net 1 redirects 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
rumcdn.geoedge.be
hal900021.redintelligence.net
8 ap.lijit.com rtbpass.andbeyond.media
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
csync.smilewanted.com
adxbid.info
8 ads.betweendigital.com rtbpass.andbeyond.media
ads.betweendigital.com
vid.vidoomy.com
8 cdn.jsdelivr.net skypost.ulifestyle.com.hk
securepubads.g.doubleclick.net
rumcdn.geoedge.be
8 resource01-proxy.ulifestyle.com.hk skypost.ulifestyle.com.hk
7 csync.smilewanted.com rtbpass.andbeyond.media
csync.smilewanted.com
7 sync.adtelligent.com rumcdn.geoedge.be
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
7 ads.pubmatic.com rumcdn.geoedge.be
rtbpass.andbeyond.media
vid.vidoomy.com
csync.smilewanted.com
adxbid.info
7 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com securepubads.g.doubleclick.net
rumcdn.geoedge.be
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
6 ads54.adtelligent.com rumcdn.geoedge.be
ads54.adtelligent.com
6 prebid.a-mo.net 1 redirects rtbpass.andbeyond.media
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.bing.com 2 redirects 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
5 cdn.adnxs.com rumcdn.geoedge.be
5 grid.bidswitch.net rtbpass.andbeyond.media
5 hb.aralego.com rtbpass.andbeyond.media
5 prebid.media.net rtbpass.andbeyond.media
5 rtb.adxpremium.services rtbpass.andbeyond.media
5 bidder.criteo.com rtbpass.andbeyond.media
5 hbopenbid.pubmatic.com rtbpass.andbeyond.media
5 fastlane.rubiconproject.com rtbpass.andbeyond.media
5 mp.4dex.io rtbpass.andbeyond.media
5 prg-apac.smartadserver.com rtbpass.andbeyond.media
5 prebid.smilewanted.com rtbpass.andbeyond.media
4 pixel.rubiconproject.com googleads.g.doubleclick.net
csync.smilewanted.com
adxbid.info
4 acdn.adnxs.com 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
4 image6.pubmatic.com ads.pubmatic.com
googleads.g.doubleclick.net
4 fra1-ib.adnxs.com rumcdn.geoedge.be
cdn.adnxs.com
4 hal9000.redintelligence.net rumcdn.geoedge.be
4 ad.doubleclick.net 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
4 beacon-fra2.rubiconproject.com rumcdn.geoedge.be
4 rtb.adpone.com rtbpass.andbeyond.media
4 aax.amazon-adsystem.com c.amazon-adsystem.com
4 p.adlooxtracking.com skypost.ulifestyle.com.hk
p.adlooxtracking.com
4 gum.criteo.com 2 redirects static.criteo.net
rumcdn.geoedge.be
4 id5-sync.com cdn.id5-sync.com
rtbpass.andbeyond.media
4 www.google.com skypost.ulifestyle.com.hk
tpc.googlesyndication.com
rumcdn.geoedge.be
4 connect.facebook.net skypost.ulifestyle.com.hk
connect.facebook.net
4 googleads.github.io skypost.ulifestyle.com.hk
3 sync.bumlam.com 3 redirects
3 creativecdn.com 2 redirects vid.vidoomy.com
3 user-sync.adxpremium.services adxbid.info
3 x.bidswitch.net ads.betweendigital.com
cache.betweendigital.com
3 hal900017.redintelligence.net rumcdn.geoedge.be
hal900017.redintelligence.net
3 hal900029.redintelligence.net rumcdn.geoedge.be
hal900029.redintelligence.net
3 sync.1rx.io 3 redirects
3 vid.vidoomy.com 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
ads.betweendigital.com
adxbid.info
3 cm.adform.net 2 redirects googleads.g.doubleclick.net
3 a.teads.tv rtbpass.andbeyond.media
3 c.amazon-adsystem.com skypost.ulifestyle.com.hk
c.amazon-adsystem.com
3 static.criteo.net securepubads.g.doubleclick.net
rtbpass.andbeyond.media
static.criteo.net
3 www.facebook.com 1 redirects skypost.ulifestyle.com.hk
connect.facebook.net
2 www.tns-counter.ru 1 redirects
2 an.yandex.ru 1 redirects
2 x01.aidata.io 2 redirects
2 vpaid.vidoomy.com vid.vidoomy.com
2 sync.smartadserver.com 1 redirects csync.smilewanted.com
2 prod.tahoe-analytics.publishers.advertising.a2z.com c.amazon-adsystem.com
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 ajax.googleapis.com hal900029.redintelligence.net
hal900021.redintelligence.net
2 s.adtelligent.com rumcdn.geoedge.be
s.adtelligent.com
2 ads.us.e-planning.net 1 redirects rumcdn.geoedge.be
2 ssc-cms.33across.com rumcdn.geoedge.be
rtbpass.andbeyond.media
2 s.console.adtarget.com.tr rumcdn.geoedge.be
s.console.adtarget.com.tr
2 lb.eu-1-id5-sync.com cdn.id5-sync.com
rtbpass.andbeyond.media
2 ghb1.adtelligent.com rtbpass.andbeyond.media
2 i.clean.gg cadmus.script.ac
2 ghb.adtelligent.com rtbpass.andbeyond.media
2 script.4dex.io rtbpass.andbeyond.media
script.4dex.io
2 id.hadron.ad.gt cdn.hadronid.net
2 prebid.andbeyond.media skypost.ulifestyle.com.hk
2 mug.criteo.com skypost.ulifestyle.com.hk
2 dw.hketgroup.com skypost.ulifestyle.com.hk
dw.hketgroup.com
2 oajs.openx.net 1 redirects skypost.ulifestyle.com.hk
2 bcp.crwdcntrl.net tags.crwdcntrl.net
2 cdn.id5-sync.com securepubads.g.doubleclick.net
skypost.ulifestyle.com.hk
2 tags.crwdcntrl.net securepubads.g.doubleclick.net
skypost.ulifestyle.com.hk
2 www.google.de skypost.ulifestyle.com.hk
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com skypost.ulifestyle.com.hk
www.googletagmanager.com
2 sb.scorecardresearch.com skypost.ulifestyle.com.hk
2 fonts.googleapis.com skypost.ulifestyle.com.hk
1 pixel-sync.sitescout.com
1 ssum.casalemedia.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 b1sync.zemanta.com 1 redirects
1 u.openx.net 1 redirects
1 ice.360yield.com csync.smilewanted.com
1 a.vidoomy.com ads.betweendigital.com
1 rtb.openx.net 1 redirects
1 secure.adnxs.com 1 redirects
1 as.ck-ie.com 1 redirects
1 static.smilewanted.com csync.smilewanted.com
1 cache.betweendigital.com ads.betweendigital.com
1 sync.dmp.otm-r.com ads.betweendigital.com
1 ads.adlook.me 1 redirects
1 eb2.3lift.com adxbid.info
1 sync.aralego.com cdn.aralego.net
1 cdn.aralego.net rtbpass.andbeyond.media
1 adxbid.info rtbpass.andbeyond.media
1 contextual.media.net rtbpass.andbeyond.media
1 match.adsrvr.org rtbpass.andbeyond.media
1 id.a-mx.com rtbpass.andbeyond.media
1 lexicon.33across.com rtbpass.andbeyond.media
1 image2.pubmatic.com googleads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 hbx.media.net 1 redirects
1 adsdk.microsoft.com rumcdn.geoedge.be
1 data00.adlooxtracking.com j.adlooxtracking.com
1 ad.yieldlab.net googleads.g.doubleclick.net
1 j.adlooxtracking.com skypost.ulifestyle.com.hk
1 ghb2.adtelligent.com rtbpass.andbeyond.media
1 a.ad.gt cdn.hadronid.net
1 cadmus.script.ac script.4dex.io
1 cdn.hadronid.net skypost.ulifestyle.com.hk
1 secure.cdn.fastclick.net skypost.ulifestyle.com.hk
1 wrappers.geoedge.be rtbpass.andbeyond.media
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 viselb01.hket.com skypost.ulifestyle.com.hk
1 rtbpass.andbeyond.media skypost.ulifestyle.com.hk
1 rtbdemand.apiip.net skypost.ulifestyle.com.hk
1 59362a77c0aa6d870809addf552816bc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 stats.g.doubleclick.net www.google-analytics.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 region1.google-analytics.com www.googletagmanager.com
1 imasdk.googleapis.com skypost.ulifestyle.com.hk
1 beauty.ulifestyle.com.hk skypost.ulifestyle.com.hk
729 149
Subject Issuer Validity Valid
*.ulifestyle.com.hk
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-11		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.github.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-21 -
2024-03-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-09-01 -
2023-11-30		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2023-10-08 -
2024-11-05		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-09-25 -
2023-12-24		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.hketgroup.com
Amazon RSA 2048 M02		 2023-02-18 -
2024-03-18		 a year crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
andbeyond.media
Certainly Intermediate R1		 2023-11-20 -
2023-12-20		 a month crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-11-13 -
2024-02-11		 3 months crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
*.hket.com
Amazon RSA 2048 M02		 2023-09-06 -
2024-10-05		 a year crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-08-12 -
2024-09-09		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2023-10-23 -
2024-10-22		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-08-05		 a year crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
script.ac
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-02 -
2023-12-31		 3 months crt.sh
ghb2.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-02 -
2023-12-31		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
adlooxtracking.com
GTS CA 1P5		 2023-09-29 -
2023-12-28		 3 months crt.sh
*.adlooxtracking.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
redintelligence.net
R3		 2023-10-10 -
2024-01-08		 3 months crt.sh
ads54.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-07 -
2024-02-05		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-10-11 -
2024-04-08		 6 months crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2023-11-19 -
2024-02-17		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-09-30		 a year crt.sh
ads.us.e-planning.net
R3		 2023-09-21 -
2023-12-20		 3 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-11-20 -
2024-02-18		 3 months crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-09-24 -
2023-12-23		 3 months crt.sh
*.vidoomy.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-06 -
2024-10-06		 a year crt.sh
r.bing.com
Microsoft Azure ECC TLS Issuing CA 05		 2023-10-18 -
2024-06-27		 8 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
prod.tahoe-analytics.publishers.advertising.a2z.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-21		 a year crt.sh
lexicon.33across.com
GTS CA 1D4		 2023-10-01 -
2023-12-30		 3 months crt.sh
id.a-mx.com
Sectigo RSA Domain Validation Secure Server CA		 2023-10-12 -
2024-11-10		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
adxbid.info
E1		 2023-10-07 -
2024-01-05		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.dmp.otm-r.com
AlphaSSL CA - SHA256 - G4		 2023-06-19 -
2024-07-20		 a year crt.sh
cache.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-16 -
2024-03-18		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 89 frames:

Primary Page: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Frame ID: C4F2F609803DECA694E8E4AEB74F7A4C
Requests: 314 HTTP requests in this frame

Frame: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0BA2CCFFE836E6C67B4BD60427C7ECF0
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=skypost.ulifestyle.com.hk
Frame ID: F4EEFEFE7B08FAD8703F3B36CD161986
Requests: 2 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: AF284A5A90CC81AACFA76ADB62D0E36B
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTTxwP6usv-bKKEDy-7HdzqH5XwbyL2LQMZwe6d5i4GNmFcNDpdOJGPZL0hDWI2KxyaRhPPb4VSMFmnm35wsn2zqPgH2wFT46G1aSAybEKP96vEDYlaRSeRzPFmaTV-VtuOJ0EQBFVHPplQSO0NeJqenRol4yD9zOHNns1pWrELhTVvZi-yAhNCh48IigzFr4qqle4UCoMauje_qV-EpUbAS-ROFacG9-airYn5nYXOTX2moBqUdjRZahKQaOgpUHu5Tckm_u2xupOqE7LKvICVGLESSzEVTdYdJ5I8ClK5dwllsMnkjk6bfLK_ESePvfo_6UEPuUZiOuyWJuV7jHCRVMvtb773JN-PrzZKA&sai=AMfl-YSNeog1zKJFOc7H4DZo2IcnsiI5nHCF7ox1W5iU9_IgxUVKkEwP0M7fadHGbtkoKabjV58ZNP9dKxCoGNr9x3dPnyxfYsCcrNZ2Ab9oNcY0zJ4Ck0VBnDPOXKBsOqQ&sig=Cg0ArKJSzMRe03aitXT5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: A3E0A48048F2C06408B3A14F08C5EC5D
Requests: 10 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZyjWWCaATIJ1PEeOm6uB72WSwTJKu4jEqhaAqZoGPMlVaYhlg0Uhkdz8SMlmBDoUzxzDjHX5T9OglfSphrUNbzmr7zypO_oqA7vEYTZtd8J2Yrg_7HnRUFmUoq-HnfDhtBbQALkR-pnGQUGO0R-qaVsgOkJLNmgG8BNGtiX-GS4aN0Edd0moIMuznxODZkQ8e13Gdz6KFKb0MJdLfifSt5gpiKjjNiR5soE6qNPVdbR2TaOw9kiWKzx411MmlZ7fcVwi2DkDPys-UPGT3RrYLJLMhYr4SWx065fjbzHY_yqH9YErOJnHNIKHAaqNQUKukDe0stpFhkB_WjzHZxGJmnb7U6g9LNxAVVsQiOPbnGlWX4lUEV_VGBUYk3pGFzpTiMfPT40Q&sai=AMfl-YTZRDWgzHXFIspuxoHsSv4qmbOy52Xz2NeaSim-kWckWTDcuQ69sn6zjjmgKIV9rrLC8oXeCm6d9-hzzCY1PyDi32AOccnySVog3WbY-VF-aPbqEsQWOnIVPmo2Ncg&sig=Cg0ArKJSzHW2TQ29P1YiEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: F6CD687FD156AF05BEB3549573680324
Requests: 3 HTTP requests in this frame

Frame: https://59362a77c0aa6d870809addf552816bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 92927A6A92407B889F8934B99FC0ED0C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssexKtj2y-bZ3c_gPmBBJaR7D3jZkp4iAFvEwA1Wc2wAYNE-4p5-wWaSKNVaiTudasFKH-rTHh_PH8kliLC-2-raZor0zlnnEneSMWmaKM2IZq2xcuyj4wXoTMu4-EWtc__FHWIVWm0XEbQNfmRp1-kjpK-xDzwqdrWwixclScqfLwQoO8rsELvyw_OowPDsalWUGAAnTR58GaxNf48AaVj0lyVeaQYB6i1zZ6qXn7wQTglgkQxvppUDmmuVqne4TYyPiBIJMuEacUpoPKOrXKIJ0X1QkrVAgS8ZmpkxZ7aPLwTGfxI9j5VcqkotBD7X-P4u0jKMIwcrJrt_1oFSDOC9MB2FuMzotWA1H_aM4sPu6WBbMs&sai=AMfl-YRtyHi0is4uO7w4EuDt6Q_MfRhEjTDZ6H0_2eA97rrvBswqP_syx9K_c_sN5FsFNVChZN9b3tvwIqN2oAd2T76bT4WjvIl-l0owaAnJKsaHPopDEv_r78_lhEjVWGs&sig=Cg0ArKJSzGk6L8Ctyjf1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 9F117847435B99185A9BAACBD3A3CDE8
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D426305604100813%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31efd63895b2f8%2526domain%253Dskypost.ulifestyle.com.hk%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fskypost.ulifestyle.com.hk%25252Ff7ed60b65cfc04%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FSkyposthk%252F%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26width%3D300
Frame ID: 507E7AAB436C57AE34E3CDAC0DE24083
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 622B61C6D21D1E48D31106BD189CD700
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2D4CDDF787FC2489BF0A04B899FEC184
Requests: 2 HTTP requests in this frame

Frame: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DB53D91CE6DFE247483BAB7B94733407
Requests: 9 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Frame ID: BC25E5A8A92BBC19FFB14AF8DD4EBD27
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVQdRjMfsItx3ZnIYL8YcuABZePQR6Z2BZJ9_Fs0QDnBukhDx6qyM4h7oOsFacbh8LG_lx1gwmOaxraUqaaNGiVfmZcUbOj39a_1pUfRJEr-bpWeOzY5xjjio1wM1gPgP1LT3j6IfPA2juqFmFaxDY3ZIDvqVXrqHctqFEFjM7ZuHFPATQ
Frame ID: F062A980BB3619C414C87DC60BBD156E
Requests: 3 HTTP requests in this frame

Frame: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 98F07774EC05DAAA44BEBDF780A872B6
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1E5901CB2193E07475742301721E38B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 88816D885AEEFF9DAE8BBC760DB1E6D6
Requests: 2 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Frame ID: 5122EB1494619FAC776F39B1E548B7DC
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 35A7B824412F1FCC2524F27C203BB595
Requests: 3 HTTP requests in this frame

Frame: https://adsdk.microsoft.com/native-to-display/sdk.js
Frame ID: 55712EC7029236F7FCF9304B494BA683
Requests: 9 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: E33C8F4AB59EDEEBE822A4104F2B97E8
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 3935A30B798A9141B524275500DE4D25
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: C950DDC2F5A5699A1BC77292BCC53A23
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 626A3C9ED27E003B5CCE76180F7AE241
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: D9E8F04676B35EEDF28598AA564D6E25
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Frame ID: FDBBCA1032FD7B3860F0DED46CAC870B
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: A4EA9BEA5F46D283D503411ABF04E643
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Frame ID: 6BE4425A8DCAEB1A27CED8967C48C098
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=none&refer=https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Frame ID: 28DCA100FD94ED52BFB2E335D454A300
Requests: 1 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync/?aid=651796&gdpr_source=none&refer=https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Frame ID: 1CE79B3E84CF203331E8A69B7D254BD7
Requests: 1 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=95876400007913810115215012517021&a=59e208ba
Frame ID: 0294FB640E12C4BD0902756515A5082E
Requests: 9 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 6A55905F7320DD1E538D023D47BC9DE8
Requests: 3 HTTP requests in this frame

Frame: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7782E7E9B645E86FC165255F8C38CC34
Requests: 9 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/169192/13883523/13883523.js?ADFassetID=13883523&bv=258
Frame ID: 896BC48671D66A67A916AE7BFB0EC2E1
Requests: 18 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Frame ID: 04ED29C999A87C1D388F117631DCB47E
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRj5ucP-ATAB&v=APEucNXD4NVE7qER5Khy5levxHJthh7YJPT8Pqp6QUwQ3rIrkNf5e-RNGzeN__GCEeUjg5GIDKRGUKjma04KQK7HsmHsw-tgG77_vVKp8XHbKDhfoqSF8dMAfzr7pNVza8jr_ewk7VYQpE7zz2OHBAklL1pCHxdkSrvCTZNPnRpi87LhySb0NpE
Frame ID: 0D9CBF0D14ED715D64E94F648A90F8D4
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 5385F09EA4714AE59A2F3130068B44FB
Requests: 3 HTTP requests in this frame

Frame: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F0CAFFB3DF7946324165D30DC653315F
Requests: 10 HTTP requests in this frame

Frame: https://hal900029.redintelligence.net/request_content.php?s=62741700009923110115217012517029&a=73ab8b0b
Frame ID: 4B8B5D22628DF850345D615660F030F1
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 9BB8C088F1CCE6464E6321A887C62F6B
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Frame ID: BB505426756AD166F2E5F7E877262D5A
Requests: 3 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Frame ID: F66C2ED2BB39152D62D076EEEB88290F
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVXdWLlheGzqwhNDsKuJmkAbCvqukU_KriF9lH7A_tIBP3rw1uvc5GeZr1RzxwDBT0MPtQnF5B_D8t0JuZndjaYS-6WlXadbAWFdMDn4ADDVJoBDAUoJEFQ8feSMLL4B2OjO_Vfj8hWKEvll7xevrCjdR3Nz8u93C4Pmz3x7HcDUMmwUI4
Frame ID: A823E45220D23F76912A56632123AE15
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: C67F737A6EB73FCE9FA9FD208E74B4DE
Requests: 3 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/169192/13883522/13883522.js?ADFassetID=13883522&bv=258
Frame ID: A009E90690004FBD78A8280E1F5CAD06
Requests: 18 HTTP requests in this frame

Frame: https://hal900021.redintelligence.net/request_content.php?s=28959000007914310115215012517021&a=75cc0569
Frame ID: 9C71989F71D3FD2321F47F63848E75E0
Requests: 12 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: D5503F31048A40DE4490B3449D0781E6
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Frame ID: A45AEA0F956B104BC53A6FE73ABAF9B7
Requests: 3 HTTP requests in this frame

Frame: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CF2F6EBE14F0936C111AC3E6C2E62026
Requests: 8 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/169192/13883586/13883586.js?ADFassetID=13883586&bv=258
Frame ID: 5405E66960CAC8C48B5619549EDC25F3
Requests: 18 HTTP requests in this frame

Frame: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Frame ID: CFE2E86EC989456A4AD6D1DD61E18EA9
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNX0t_P925DjrQVSduGBR5nWH2R0nNrqac_ZUGf7VJAYDxuwfw7-DRCRl6LGLlAWuTAGyfV3Raf99d4oMqWni7LMpKMtmId0Aj6Si1fyqh9u7avLskAjsqpYv7-LSuYUEVnL02wncriuEhXwNOsMFWe-K7PiNVw4aKTnuaznDkh8XMwDG8U
Frame ID: 5D0DC8EC229878D24543DBDC86AA36D0
Requests: 5 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=skypost.ulifestyle.com.hk
Frame ID: CC0B128653261FB0CD663BBA892D473F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 7DFEFF7B69B65B07B21A04ADFFEFA561
Requests: 3 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=40274000008132010115215012517017&a=c7ed6972
Frame ID: 42B8BD6BC8AC7FC9A201237AFE02C42D
Requests: 8 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 5AD4F4B2F3CE4163578803EBB9A21748
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Frame ID: 1D5B6098614B9F45A77FA891AC7EAD81
Requests: 3 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/169192/13883523/13883523.js?ADFassetID=13883523&bv=258
Frame ID: E954F8C2B5B2BE3195C2D3AC906F636F
Requests: 18 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 3C95CB7F4FDCA34899F053D89804DF57
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: D541010A163267122EBB501AC4ADBFBC
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Frame ID: D03A0EB0D92B3461DC16102C0E5CC2EF
Requests: 2 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: 018D95C9FCB0C793E827CB186EC016F2
Requests: 1 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: D73BEC2606138215BA36EA114ADF1C9D
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 1B446FB5190CB27CCEAABC75F5F4DE5A
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/sspmatch-iframe
Frame ID: 12C95BC938D47DE22D9FEF5F0A21EEA5
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 9BADE4C63BB677AE3DFAD47A4AAC4B78
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Frame ID: 9C5F5B70F54C1115EF3D64CE586AE511
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700709771558
Frame ID: 6502FF3EE6D0DDDC203B4CBDE5CB74B6
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: 60B72A97684A0C403CBFC3796ED26A9F
Requests: 2 HTTP requests in this frame

Frame: https://ads.betweendigital.com/match?bidder_id=261&external_user_id=3ced02bbfa54884d803382ed9c503c87
Frame ID: 29594AF0748236DDE247DE8D4F7DE5AF
Requests: 4 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=bdd746a0-3761-5347-bd5f-654dd801a0c6&CACHEBUSTER=528852
Frame ID: 4ACAA0182260C55FE1B25B34E831F97B
Requests: 5 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 4A8B67B67F9D5A6F7CCF1903BF80EC74
Requests: 1 HTTP requests in this frame

Frame: https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Frame ID: D282EB2FCA9D975A44D18772B4AFEBFA
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/7991369511556427666
Frame ID: 59093E8654540526FF7BFBC86643A12D
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Frame ID: 97FF50F816B61EEEC6E3E8B7D2BAEF2B
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
Frame ID: 8B225ED330C8D4EB4FC12BC6CC7E15E7
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dpubmatic
Frame ID: 51993F63992495EC979F0EAF7ED8FE4B
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 4633D57B17BD77D39C61A74743EBB272
Requests: 1 HTTP requests in this frame

Frame: https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Frame ID: 40764096452424C7DE1CAA2DA1F69653
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/616f06e0-2797-49ff-ba2a-95923d216a5a
Frame ID: 6BFC3022517C73DE37999383960C2028
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: EB66E941CF81137E52284872AC97D2E1
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/1733395365844718848
Frame ID: 3536B3C75BF7C86E8718174ADF81974E
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: 19333FF54D4BD58BA5E8D8C0AC7A4638
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O9PgoLLdutX1EnVaEu_zbQIZvLhh2P0J6W8kHUk7-m8?pi=smilewanted
Frame ID: 64942D3FA782EDB2E7153F726DE012B8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: FBBB471997CD4B9FD8C80C0E97119CD3
Requests: 3 HTTP requests in this frame

Frame: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Frame ID: 349F7EE1C5D72593B9A75DCEC34A5ACF
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Frame ID: A84B77CDC4C14717033C74184E1AEAB4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 327590A814D9E73AE51358A75641AFF0
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dpubmatic
Frame ID: A5A68017F23E90C7D992A1A3C37D9784
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

香港珊瑚|WWF夥中大拯救珊瑚碎塊成功 復育存活率達97.5% - 晴報 - 時事 - 要聞 - D221026

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?slick-theme\.css
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

729
Requests

96 %
HTTPS

39 %
IPv6

83
Domains

149
Subdomains

125
IPs

13
Countries

10621 kB
Transfer

24245 kB
Size

73
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 139
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&rid=esp&cc=1
Request Chain 143
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ulifestyle.com.hk&sn=ChromeSyncframe&so=0&topUrl=skypost.ulifestyle.com.hk&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=ZudaX3xTbmhidE1TdEV0a2x0aFgxVEhqRlovaDJ4WEJyMXRWQ01SZHZxRWpsZm44aDluRTJuaXQzU2ZzVllrTzh4RkFsZTZ5TmNjSUpKaUhDN0xobFY0Zmptd2hLbExrT3p6OUlXdEpwNUFjRlBmOW0rRThEOG5mNGgzUFMxZXliT3BNTmJOUG1iRWlNemJJMUl1N3hZbk9uMkl4QVFHSHpUZk9Xd25HamEwS1owVEs3UjYrSW1SQlVUdDhyU25nVXdqSjV2SWZrTW52TVp3a3NkZ3VRUnFpWHVOc09NMjlyYk1pQ3h2Tkl1Y3NEMG1vV3NMbExrWUFwL0Qwa09ERWo3dmFKYXptZnRVc2JTT0xWMjVkVFlzdWgzRVpYclVxWTR4TWxybGtrMTVRSENUMD18&cppv=2
Request Chain 150
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODZm-iiqwEQARgBMgjl9qfJdW9uiA HTTP 301
  • https://tpc.googlesyndication.com/simgad/8589677390378230112
Request Chain 181
  • https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=false&app_id=426305604100813&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31efd63895b2f8%26domain%3Dskypost.ulifestyle.com.hk%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fskypost.ulifestyle.com.hk%252Ff7ed60b65cfc04%26relation%3Dparent.parent&container_width=300&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FSkyposthk%2F&locale=zh_HK&sdk=joey&show_facepile=false&small_header=false&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D426305604100813%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31efd63895b2f8%2526domain%253Dskypost.ulifestyle.com.hk%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fskypost.ulifestyle.com.hk%25252Ff7ed60b65cfc04%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FSkyposthk%252F%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26width%3D300
Request Chain 303
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm HTTP 302
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEAdRjtZ6vQedt7_a0w9-NL4&google_cver=1
Request Chain 304
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm HTTP 302
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGBc689LQU2E8YYXkmyHEPI&google_cver=1&adform_v=1
Request Chain 331
  • https://hal900021.redintelligence.net/request.php?zone=6xonarohpn0t&nw=20&renderingType=javascript&namespace=2af7c6bc09&subid=&uid=3475745d5eb3db75&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB75Ri8VeZa3_JLyGnsEPjMy84APk4MuvdO2h_oj5EfYuEAEgur7wFmCVkqqCsAfIAQmpApkrUezPQ7I-qAMByAObBKoEnwJP0EeMSV3Pye0s0WCBu2aZ6DMKxjP0-i1Qbxy6VIaitvDU-QvZ6IbVuBODj8MtH5PAEspUYuq9TXuAnOd6PVmRGQywu7lXguH1qSe9UoDV1TBEwd9aLmqaihSH8qRe4ei2-_Olflm57-24Mag8MuL2zqORyOvhu_q9BaIdZHhlJExx6Ap80ulBIdRyb4DWiG_lHvLLrG41f9sdSYvZ2MMOsxUkDhoTWiYdECxjF7wJbAplrXDm7gWW_-cpdk_uC2Vbf1TGYtBxyqe5kmRQMo7_AB5mghCTiOFsg0VmFPXimk250LgNbMc3OMuLJDL7f0zWVjZFclaawup9ajlWgIQe2vq0F5PxVmdMFYGNt-Au5HP9QK5rWvYxd-W_WCV1A8AEidGXiLwE4AQDiAXi8Jy1TZAGAaAGTYAH39qGogWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIH2JpZGRlci14YXBpOjMwMjU2NDozQ2RodWt5NGZ5S2uACgSYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATlcvJFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaN34-ukyDIEjhtaW8udZe_xW23-M6P88tdFXwA4SbdxgUNTqk1Pe7mi3R3AX9DGAE%26sig%3DAOD64_0jPztKvKDEzMSrJfHGYPyHscv-Eg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-CAZ_z7oq0NAuUl24Wb09RSMYd36qxByIR07cunYHFU8AzVGgE6aEljlp3qv8CN-neuygmksV28P_jE-RWuLFkvlDUAvgxKhzzMGZ0AZMrahSjINZfWmxBJFpZ7aDC0GPWOREeEr_mSHKTDz2dfeoCBdPxiNrcmt2VNDB-iHI2Trf3kwEE%26cry%3D1%26dbm_d%3DAKAmf-B_p3GdUfSGFC6e6P7ddQWgQzMQ_H-TvP6yIr8zcqOPkoF5L6g8zJ5M-0pQzVi55okXD5E7lF1a73IA-xJBYgwIuHcuDRuzWOm-nYzp2JT2iJyrdC5Z9f08NvcHSj1fPtBLhsR1dTVSYoCDS6Sdf34V149Ixz8uKfR817qbW8HjNIR5GIZX-l4OPDkqHV1_Qycd5e-cl74Cli9x1PEK6zdfXPWtHS8A-Qs2c1oW_YUHGPW5MbTnstLUhGqb-4n02_3IUHfE9WZUQYwu39NTfq94fkxW54645uELZE-mkpEZ7ai9omf5QhHlEIe7At2vtT_8tU1t9fpftlJiGISjmAFknk6jiMfm-gZ65UWdbinbYW52kG3U32-i_iMU4hikWLLmp9QYlbafRfMcgCvoCCepCTpyEkIJDPPEAV4LbspPKKUV12BPl8J_3WFgQSFNeuIGYuzwssABBojD2X43EVa_lm0HvOeDzQnQp_h3_-q-0I0wclwRGmFtnJLr6yb5mUnZrxJEMxc4ljQaAymMXoH-ryb59WI0fIoN2zgoT-zBYkMHNEk4fGPPQn7fFr8n0qrLrPqVD7xtuHvKzxhNX_2LarIhsg%26adurl%3D&documentReferer=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fskypost.ulifestyle.com.hk&random=4448063797848&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900021.redintelligence.net/request.php?zone=6xonarohpn0t&nw=20&renderingType=javascript&namespace=2af7c6bc09&subid=&uid=3475745d5eb3db75&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB75Ri8VeZa3_JLyGnsEPjMy84APk4MuvdO2h_oj5EfYuEAEgur7wFmCVkqqCsAfIAQmpApkrUezPQ7I-qAMByAObBKoEnwJP0EeMSV3Pye0s0WCBu2aZ6DMKxjP0-i1Qbxy6VIaitvDU-QvZ6IbVuBODj8MtH5PAEspUYuq9TXuAnOd6PVmRGQywu7lXguH1qSe9UoDV1TBEwd9aLmqaihSH8qRe4ei2-_Olflm57-24Mag8MuL2zqORyOvhu_q9BaIdZHhlJExx6Ap80ulBIdRyb4DWiG_lHvLLrG41f9sdSYvZ2MMOsxUkDhoTWiYdECxjF7wJbAplrXDm7gWW_-cpdk_uC2Vbf1TGYtBxyqe5kmRQMo7_AB5mghCTiOFsg0VmFPXimk250LgNbMc3OMuLJDL7f0zWVjZFclaawup9ajlWgIQe2vq0F5PxVmdMFYGNt-Au5HP9QK5rWvYxd-W_WCV1A8AEidGXiLwE4AQDiAXi8Jy1TZAGAaAGTYAH39qGogWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIH2JpZGRlci14YXBpOjMwMjU2NDozQ2RodWt5NGZ5S2uACgSYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATlcvJFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaN34-ukyDIEjhtaW8udZe_xW23-M6P88tdFXwA4SbdxgUNTqk1Pe7mi3R3AX9DGAE%26sig%3DAOD64_0jPztKvKDEzMSrJfHGYPyHscv-Eg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-CAZ_z7oq0NAuUl24Wb09RSMYd36qxByIR07cunYHFU8AzVGgE6aEljlp3qv8CN-neuygmksV28P_jE-RWuLFkvlDUAvgxKhzzMGZ0AZMrahSjINZfWmxBJFpZ7aDC0GPWOREeEr_mSHKTDz2dfeoCBdPxiNrcmt2VNDB-iHI2Trf3kwEE%26cry%3D1%26dbm_d%3DAKAmf-B_p3GdUfSGFC6e6P7ddQWgQzMQ_H-TvP6yIr8zcqOPkoF5L6g8zJ5M-0pQzVi55okXD5E7lF1a73IA-xJBYgwIuHcuDRuzWOm-nYzp2JT2iJyrdC5Z9f08NvcHSj1fPtBLhsR1dTVSYoCDS6Sdf34V149Ixz8uKfR817qbW8HjNIR5GIZX-l4OPDkqHV1_Qycd5e-cl74Cli9x1PEK6zdfXPWtHS8A-Qs2c1oW_YUHGPW5MbTnstLUhGqb-4n02_3IUHfE9WZUQYwu39NTfq94fkxW54645uELZE-mkpEZ7ai9omf5QhHlEIe7At2vtT_8tU1t9fpftlJiGISjmAFknk6jiMfm-gZ65UWdbinbYW52kG3U32-i_iMU4hikWLLmp9QYlbafRfMcgCvoCCepCTpyEkIJDPPEAV4LbspPKKUV12BPl8J_3WFgQSFNeuIGYuzwssABBojD2X43EVa_lm0HvOeDzQnQp_h3_-q-0I0wclwRGmFtnJLr6yb5mUnZrxJEMxc4ljQaAymMXoH-ryb59WI0fIoN2zgoT-zBYkMHNEk4fGPPQn7fFr8n0qrLrPqVD7xtuHvKzxhNX_2LarIhsg%26adurl%3D&documentReferer=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fskypost.ulifestyle.com.hk&random=4448063797848&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 339
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cae221c9-d02e-4166-a7a0-32a32837e08c&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=a0405d62-d2da-43b6-a8c9-d6bce4521b35&rlink=https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4d096e264a8846d4a053c69796dba83b&SNR=1&GV=2&med=10&rtype=miFeedbackURL&tagId=20781330&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_cp&aid=8697805339435256301&wp= HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0
Request Chain 344
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Request Chain 347
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extuid%3D%3Cvsid%3E HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Request Chain 350
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7991369511556427666
Request Chain 351
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7991369511556427666
Request Chain 352
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1700709772992 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5482957649 HTTP 302
  • https://sync.1rx.io/usersync/turn/9174116025982367635?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003 HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003
Request Chain 353
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7991369511556427666
Request Chain 354
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy=&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310531%26gdpr%3D0%26gdpr_consent%3D%26gpp%3D%7Bgpp%7D%26gpp_sid%3D%7Bgpp_sid%7D%26extuid%3D HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
Request Chain 356
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7991369511556427666
Request Chain 467
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1&C=1
Request Chain 468
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV7FjXUo5XrhCi9yEsUUZwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1
Request Chain 469
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIGXYpHwiXIcbxOQsUKv_fc&google_cver=1
Request Chain 470
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTM2OTUxMTU1NjQyNzY2Ng%3D%3D
Request Chain 479
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cae221c9-d02e-4166-a7a0-32a32837e08c&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=a0405d62-d2da-43b6-a8c9-d6bce4521b35&rlink=https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=4d096e264a8846d4a053c69796dba83b&tids=15000&med=10&rtype=mvFeedbackURL&tagId=20781330&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_p2f_cp&aid=8697805339435256301&wp= HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv
Request Chain 512
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFmbb_dfnqjGbHrJDPaEMHk&google_cver=1
Request Chain 513
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjhkMjc1ODQyNjg0ODRiNWIyMTNkMjA4ZWRlNGJjZGIwNmVlY2IzZg
Request Chain 514
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLl1A-nSt6aXMnAkr1qpbA&google_cver=1
Request Chain 604
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEG8VBioXQ4feh9r3SnQudXg&google_cver=1
Request Chain 606
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEHqfw-MIJycIb31U4vNCMVM&google_cver=1
Request Chain 613
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ulifestyle.com.hk&sn=ChromeSyncframe&so=3&topUrl=skypost.ulifestyle.com.hk&bundle=bXmsI19WJTJGOEVKc1hQZVRxSHRYNEFDWUJQS2hsa1owQmc4ViUyQllaWmhRUUVlU2cxNGs0MU0wUGJkWkNTV3pvS05VaEM0ME13dkkxZVN0YjRJSUQ4WHhEbUZiZFlFVG9aeExYN09SamZRWmJBdlZXdm1sSzFTa1RlUEFXeFBYMVRpVCUyRmwzTXJEOWh5OTUlMkZLTVZCJTJGU0dPcUUyQk1GSks3TlpKTTVSRlI2UHJtUDIlMkJmcTQlM0Q&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=6RE-Pnx2OEpmLzBKWm14Q3Bkam5jMlVoS1ppY1d2SGE3ZmdCNm1Eb0hPZ1NubVROVEUrUWJtZGVTWUNuUzB3cVJWekw3WStuOVNZcHp1Y2lxV3Yxb2s0ZE53NEhqY1dDcE5UMStzL0xVUnVsczJ6NjR2SFZlY294V1N3RytkM0VPRTB6OVZqbjN6WXdNUkxXU0lnNkJhOFF5aFNGQXRjNFpENlhnUTlpMkJ1UnhqUDg5UlZpaGcrZmhVVE1qeWN3eUhydTA1SE1ucEE3cllOL0pHM3lvTEtsYy91TGhVWjhYZlNWeHVjSzNDZWFvd0I2bjZvWWVXQVQySEtJVUIwWEJqTVRqQU9mdnNHY0ZkY2VTOEE5ZmNBTTRZUm1qNGhEU1Z6c09hUy9pWFBFNnBldz18&cppv=2
Request Chain 694
  • https://ads.adlook.me/csync?pid=btw&uid=bdd746a0-3761-5347-bd5f-654dd801a0c6&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=128&external_user_id=c35ec95f65804c109a2a3f1f973fb0fb
Request Chain 699
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=ef5c97d7a18e92db0aeb60901392f0ca092c2cab518510a5a60df3835cbf0ade
Request Chain 701
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Request Chain 703
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7991369511556427666
Request Chain 705
  • https://creativecdn.com/cm-notify?pi=vidoomy HTTP 302
  • https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
Request Chain 707
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dopenx HTTP 302
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=fdfb4bb9-ae6d-4488-97d3-926bc2c600a5&vid=3ced02bbfa54884d803382ed9c503c87&dspid=openx
Request Chain 710
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/616f06e0-2797-49ff-ba2a-95923d216a5a
Request Chain 713
  • https://sync.bumlam.com/?src=aid0 HTTP 302
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiRi_uqBqIBEJkVCNSJrxHuu7EAJZDIJDc* HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=991508d4-89af-11ee-bbb1-002590c82437 HTTP 302
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=991508d4-89af-11ee-bbb1-002590c82437&bounce=1 HTTP 302
  • https://sync.bumlam.com/?src=aid1&uid=Xn3G7KlJ3ZG9S%2FKtwA%2B3iA& HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/991508d4-89af-11ee-bbb1-002590c82437 HTTP 302
  • https://an.yandex.ru/mapuid/adsniperis/991508d4-89af-11ee-bbb1-002590c82437?redir-setuniq=1
Request Chain 714
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1733395365844718848
Request Chain 715
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 716
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O9PgoLLdutX1EnVaEu_zbQIZvLhh2P0J6W8kHUk7-m8?pi=smilewanted
Request Chain 717
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Request Chain 720
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV7FjXUo5XrhCi9yEsUUZwAA%265125
Request Chain 722
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/528852 HTTP 302
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/528852
Request Chain 729
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID HTTP 303
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=1733395365844718848

729 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request %E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
skypost.ulifestyle.com.hk/article/3384147/ 		178 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
b0472a3f1e3690d27e55c538fcbb9aad5a347bf67964db23bf26affcffd0c035
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains max-age=0 ; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Language
de-DE
Content-Type
text/html;charset=UTF-8
Date
Thu, 23 Nov 2023 03:22:47 GMT
Keep-Alive
timeout=5, max=100
Strict-Transport-Security
max-age=0; includeSubDomains max-age=0 ; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Frame-Options
SAMEORIGIN
vendor.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/ 		148 KB
27 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/vendor.css?23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
3579b5f61efadbc1ef7cee42628caac5ad2e314a6e2c2ff67bd89c4bf97be93d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:26 GMT
ETag
"24e45-60567d5bd7e80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
27139
Expires
Sat, 23 Dec 2023 03:22:48 GMT
animate.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/animate.css?23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
88482abc9062de636b1f0345a30a113baa960c95ecad5ccd68dcdd24d3e61578
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:15 GMT
ETag
"4223-60567d515a5c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2600
Expires
Sat, 23 Dec 2023 03:22:48 GMT
skypost-global.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/ 		59 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
8934b8eaad0f0c45e00dc686a235a2bbab2ef3a5f608432fdfe162c3615a7f36
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:16 GMT
ETag
"ecc6-60567d524e800-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
10455
Expires
Sat, 23 Dec 2023 03:22:48 GMT
skypost-index.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-index.css?23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
8c7a896dc17a31632c176055c8c12292ea2f7734f12c216e10c46c4e22306ed6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:16 GMT
ETag
"2dc0-60567d524e800-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2521
Expires
Sat, 23 Dec 2023 03:22:48 GMT
slick.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/slick/css/ 		1 KB
1008 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/slick/css/slick.css?23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
0fa1b03ec2913e314e77600cd518cb679b567dd36e7d0fb943293ce784115329
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:57:03 GMT
ETag
"5b7-60567d7f211c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
575
Expires
Sat, 23 Dec 2023 03:22:48 GMT
flickity.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/flickity/v2.0.2/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/flickity/v2.0.2/css/flickity.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
fb71b2536fbce123e9c15210c23cc0770bb48c42ac882c179a58af406fc96b49
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:59:32 GMT
ETag
"9db-60567e0d3a100-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
782
Expires
Sat, 23 Dec 2023 03:22:48 GMT
style.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/css/ 		39 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/css/style.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
591cdb9ff82d46b2c77dd3c4a260bc38b0e03d2303f86f3ac7805c3efe958109
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:59:22 GMT
ETag
"9afd-60567e03b0a80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
7566
Expires
Sat, 23 Dec 2023 03:22:48 GMT
toastr.min.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/css/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/css/toastr.min.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
bdec07be87624bf832e58245e2271d99614d6e7aa53ca93be3a5dc1dc31a30e8
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:59:22 GMT
ETag
"1795-60567e03b0a80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2765
Expires
Sat, 23 Dec 2023 03:22:48 GMT
member-profile-v1.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/css/ 		1 KB
956 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/css/member-profile-v1.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
dc2daaaf4aedb4c54424c6dc28ef35ca8d13287d8803e9a85f82fc94b2eaa5e3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:59:22 GMT
ETag
"4d5-60567e03b0a80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
524
Expires
Sat, 23 Dec 2023 03:22:48 GMT
jquery-1.12.4.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/jquery/v1.12.4/js/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/jquery/v1.12.4/js/jquery-1.12.4.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:59:33 GMT
ETag
"17b90-60567e0e2e340-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
33769
Expires
Sat, 23 Dec 2023 03:22:48 GMT
expandsearch.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/ 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/expandsearch.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
07890ffc57807cc06abe9b7de4172a47c4a80dbdeb02eecab7f84011d0771a21
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 16:00:16 GMT
ETag
"48c-60567e3730400-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
425
Expires
Sat, 23 Dec 2023 03:22:49 GMT
flickity.pkgd.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/flickity/v2.0.2/js/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/flickity/v2.0.2/js/flickity.pkgd.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
bf703d837e57eb052a5c46857c403b146016c528668431a67ac6a43e9239ba56
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:59:32 GMT
ETag
"d32b-60567e0d3a100-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
13607
Expires
Sat, 23 Dec 2023 03:22:49 GMT
isp-previous-news.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/css/ 		2 KB
771 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/css/isp-previous-news.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
30eabcc9d1eed3e9c7e8da61b10e876fc049dc80193c1071e7edcfd0cb2b780b
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:59:22 GMT
ETag
"73c-60567e03b0a80-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
339
Expires
Sat, 23 Dec 2023 03:22:48 GMT
ga4.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ga4.js?23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
778226065a9d1a1143cdf6ca00554eab008d3868996bb06f5900371146b715db
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Wed, 11 Oct 2023 03:54:30 GMT
ETag
"3626-60768c7c78980-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3128
Expires
Sat, 23 Dec 2023 03:22:49 GMT
js.cookie.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/js.cookie.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
70e166b1b965e929f57322d0f3f852976912ddb24f95d3216d3aa377d81e2f6c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:50 GMT
ETag
"7eb-60567d72bb480-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
1109
Expires
Sat, 23 Dec 2023 03:22:49 GMT
bootstrap.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/ 		395 KB
28 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/bootstrap.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
8d1edcfc7cc1f7bdc817b465496ba9fc6b9a17888a6714c7bc0a2843465aae35
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:27 GMT
ETag
"62b5c-60567d5ccc0c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
28291
Expires
Sat, 23 Dec 2023 03:22:48 GMT
skypost-article.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-article.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
b16d509bb6b3deef1c00b6248347968aa2e30b77cbaf9393c151684c9fa86010
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:16 GMT
ETag
"505e-60567d524e800-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4464
Expires
Sat, 23 Dec 2023 03:22:48 GMT
font-awesome.min.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/font-awesome.min.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
74b4cec3d2eb241fefcbf81f477e5580fbbbedfebe07b4d54262f11e5f39d782
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:28 GMT
ETag
"798a-60567d5dc0300-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
7059
Expires
Sat, 23 Dec 2023 03:22:48 GMT
slick-theme.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/slick-theme.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
741f40e06eb266d4d32e3090335553cb5e35d39665585657e754d0697a62ce09
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:28 GMT
ETag
"d16-60567d5dc0300-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
882
Expires
Sat, 23 Dec 2023 03:22:48 GMT
modernizr.custom.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/modernizr.custom.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
592b1627edb42210d91ebe730f62069cb082f04dd25c4a63da955ac597b8c432
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:50 GMT
ETag
"2130-60567d72bb480-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3792
Expires
Sat, 23 Dec 2023 03:22:49 GMT
owl.carousel.min.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/owl.carousel.min.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:28 GMT
ETag
"b78-60567d5dc0300-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
912
Expires
Sat, 23 Dec 2023 03:22:48 GMT
owl.theme.default.min.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/ 		936 B
868 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/owl.theme.default.min.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
296b3d8e9fa36733999a69d6e630bc6361ea23dada8c98a0e48d34ba7f7d0ed2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:28 GMT
ETag
"3a8-60567d5dc0300-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
436
Expires
Sat, 23 Dec 2023 03:22:48 GMT
owl.carousel.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		83 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/owl.carousel.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
84f62a9eaeb4e885739c5c33d4b5b479880f4b11bd3bfc322194fd80af4dbd64
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:50 GMT
ETag
"14d78-60567d72bb480-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
18511
Expires
Sat, 23 Dec 2023 03:22:49 GMT
photoswipe.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/photoswipe/ 		13 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/photoswipe/photoswipe.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
ac396b2da65963f1c8d7b064cdc5760e0dd023e2120eff8494d099523a434550
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:48 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:29 GMT
ETag
"353b-60567d5eb4540-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3193
Expires
Sat, 23 Dec 2023 03:22:48 GMT
jquery1.11.3.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:51 GMT
ETag
"176fd-60567d73af6c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
33313
Expires
Sat, 23 Dec 2023 03:22:49 GMT
dfp-adzone.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/ 		57 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/dfp-adzone.js?23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
ec31ec6e18cb5dd6174da8e4ae3c0f46f01afdcaa41c4f18f0eb585079a67c92
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 16:00:16 GMT
ETag
"e462-60567e3730400-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
5739
Expires
Sat, 23 Dec 2023 03:22:49 GMT
skypost-logo.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/skypost-logo.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
31e290b06113d4b8c9b95fe634c5081ab12b98f9af10a964c123ad27d016b404
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:24 GMT
ETag
"1746-60567d59efa00"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
5958
ul-logo.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ul-logo.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
ea1298e995f4c8c2b97929c800db9461b4a6b7136812c94806d0b3db16c61735
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:24 GMT
ETag
"18c5-60567d59efa00"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
6341
btn-fb-login.png
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/btn-fb-login.png
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
b3846c3ea537df021d93646abd748e8e887baebe99cd85f8b487d85e0bbcda0a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:20 GMT
ETag
"c21-60567d561f100"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
3105
Expires
Sat, 23 Dec 2023 03:22:49 GMT
close-01.svg
beauty.ulifestyle.com.hk/assets/img/ 		748 B
710 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beauty.ulifestyle.com.hk/assets/img/close-01.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.151 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
d0a54f0a71b126db19c931486888bb2a09c639a6ddd4b9d7d4fd027cc058152a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Content-Encoding
gzip
Last-Modified
Tue, 30 Jul 2019 17:49:19 GMT
Vary
Accept-Encoding
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
433
1027OG-M07_1024.jpg
resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/ 		269 KB
270 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/1027OG-M07_1024.jpg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-75.fra56.r.cloudfront.net
Software
/
Resource Hash
6f69db702fbdeba145dd2c840f15e8d9faa96cbdb154ca40d52272d7b42cb4e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:49 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 08:15:46 GMT
x-amz-cf-pop
FRA56-C1
etag
"432e5-5ebeba1af1080"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
275173
x-amz-cf-id
wy34O7tH8TjlpGumvRW_4ZQYH43UMzQYcg3Ce0oRi3WBDCfshXuBjw==
expires
Sat, 23 Dec 2023 03:22:49 GMT
01_1024.jpg
resource01-proxy.ulifestyle.com.hk/res/v3/image/manual-list/highlight/425000/428852/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resource01-proxy.ulifestyle.com.hk/res/v3/image/manual-list/highlight/425000/428852/01_1024.jpg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-75.fra56.r.cloudfront.net
Software
/
Resource Hash
33db671a3f0a17f4336ad2a1e76e25b7384f15e376f3e95839b3f4b26bfb4f94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:49 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Thu, 16 Nov 2023 09:19:36 GMT
x-amz-cf-pop
FRA56-C1
etag
"16e54-60a4184b6fa00"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
93780
x-amz-cf-id
AstrISYHeaL2hmi-CXL0RM9qHKy5TWrLd5keFhx0xeYJXq_CZPgZvQ==
expires
Sat, 23 Dec 2023 03:22:49 GMT
webbanner_1024.jpg
resource01-proxy.ulifestyle.com.hk/res/v3/image/manual-list/highlight/425000/428852/ 		123 KB
123 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resource01-proxy.ulifestyle.com.hk/res/v3/image/manual-list/highlight/425000/428852/webbanner_1024.jpg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-75.fra56.r.cloudfront.net
Software
/
Resource Hash
bb7c1f4e79ae1ad744f90254c0809a21f7f1af7f1c1513a72ce4b03bcb22236d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:49 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 05:19:41 GMT
x-amz-cf-pop
FRA56-C1
etag
"1eadf-60a01d12e9540"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
125663
x-amz-cf-id
d8j77j_31YUhVqD7MECMG5Iaws6Hz2cHORAiRNFZRcq7JQbqDXVGrg==
expires
Sat, 23 Dec 2023 03:22:49 GMT
btn-applestore.png
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/btn-applestore.png
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
f16e2534268cb1b33c00c914327a4d429ae66fd71cacddb1ad198221cc5a6440
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:19 GMT
ETag
"7f0-60567d552aec0"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
2032
Expires
Sat, 23 Dec 2023 03:22:50 GMT
btn-googleplay.png
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/btn-googleplay.png
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
e74b5d34704bcfe22e395df1e49182a98672e93828b1a420f72381b887f5f610
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:20 GMT
ETag
"b04-60567d561f100"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=89
Content-Length
2820
Expires
Sat, 23 Dec 2023 03:22:50 GMT
vendor.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/ 		122 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/vendor.js?v=23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
3da787ac4910d66de14aa1da8a7b7acc0cf386b7a3dea3a27af958672cd689c9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:26 GMT
ETag
"1e7cc-60567d5bd7e80-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
33346
Expires
Sat, 23 Dec 2023 03:22:49 GMT
global.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/global.js?v=23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
6e6de1ef238a3329acb31016abc8dfbdab5b085ef3516884ca7555e4e67f9bfd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:25 GMT
ETag
"c6a-60567d5ae3c40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
1454
Expires
Sat, 23 Dec 2023 03:22:49 GMT
slick.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/slick/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/slick/js/slick.js?v=23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
08036b12f5e6064f2ec22561fb51e498309d0b3101422707dd12bb8ff17c23b3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:57:04 GMT
ETag
"a6f3-60567d8015400-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
10307
Expires
Sat, 23 Dec 2023 03:22:49 GMT
landing.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/landing.js?v=23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
8961af6e5dda83ddd1bfa5c376582c69501bea006aa200df07651d9cf352a2c6
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:25 GMT
ETag
"5e3-60567d5ae3c40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
611
Expires
Sat, 23 Dec 2023 03:22:49 GMT
lazysizes.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/lazysizes/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/lazysizes/js/lazysizes.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
e0b721b3033feded8115fcffaecc8ba00e76acd075d840a41c44099447d98628
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:59:25 GMT
ETag
"1922-60567e068d140-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
3062
Expires
Sat, 23 Dec 2023 03:22:49 GMT
clipboard.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/clipboard.min.js?23.11.2023
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
6fa07a907599fc242e3a606054fd52050005caa4609e55e6c1f2a7a8d30e39ba
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 16:00:15 GMT
ETag
"27a6-60567e363c1c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
3211
Expires
Sat, 23 Dec 2023 03:22:49 GMT
toastr.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/toastr.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
d8ae2cda39264b831ea5c4440e1df3be6944b2aeaf54fbfc41b6696e3624f0cf
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 16:00:18 GMT
ETag
"1336-60567e3918880-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
1890
Expires
Sat, 23 Dec 2023 03:22:50 GMT
skypost-common.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/skypost-common.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
6f7d9ab7e42461cab5d8406139bd8353e20887a1a4ac00425ee5bc9ac2c2b35d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 16:00:18 GMT
ETag
"16ac-60567e3918880-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
1623
Expires
Sat, 23 Dec 2023 03:22:50 GMT
photoswipe.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/photoswipe.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
230f83090079e9718f73d7a9e7e3da305a1adea0d51ec771eab6dcee48e6beb9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:28 GMT
ETag
"ffd-60567d5dc0300-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1298
Expires
Sat, 23 Dec 2023 03:22:50 GMT
default-skin.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/default-skin.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
cfe5c19542eb1b014038f9579ef0b190098bd0a7f7398d670230ae8e3a3508d0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:27 GMT
ETag
"2db2-60567d5ccc0c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
3006
Expires
Sat, 23 Dec 2023 03:22:50 GMT
photoswipe.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/ 		88 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/photoswipe.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
4415c20c8d063d287564718a849a6a844cb1b47ab029adf0c45d4ee33f9ff6b2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:52 GMT
ETag
"15e47-60567d74a3900-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
20549
Expires
Sat, 23 Dec 2023 03:22:50 GMT
jquery.waypoints.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/jquery.waypoints.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:50 GMT
ETag
"2344-60567d72bb480-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
2753
Expires
Sat, 23 Dec 2023 03:22:50 GMT
sticky.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		1 KB
1023 B 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/sticky.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
14c52b4f1daa1aa3a92d960a311d4518da07e80b7b1a443d3f1a55c0968c99a0
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:51 GMT
ETag
"4db-60567d73af6c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
577
Expires
Sat, 23 Dec 2023 03:22:50 GMT
inview.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/inview.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
b1fa3db14d5339f07b2876a6728e1ef8e90fff70b25e8681f7162f20dce25027
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:50 GMT
ETag
"6bb-60567d72bb480-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
688
Expires
Sat, 23 Dec 2023 03:22:50 GMT
scrolling-nav.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/scrolling-nav.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
c3cf14a803d7fdc8803ae641ea1b53695020ada8223bcd512e60db52e118f88c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:51 GMT
ETag
"15b5-60567d73af6c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
1399
Expires
Sat, 23 Dec 2023 03:22:50 GMT
popper.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/popper/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/popper/popper.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
0e66f2b77c627e68cbb02aba29dab4ce4b2fa721284a4c651207d06b143bbef7
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:53 GMT
ETag
"48f5-60567d7597b40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
6738
Expires
Sat, 23 Dec 2023 03:22:50 GMT
bootstrap.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/bootstrap/ 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/bootstrap/bootstrap.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
65f969e065de909cb9642a0a669a156ffc1f14b2c5405f50b21ae4b3b3dc9e02
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:52 GMT
ETag
"b993-60567d74a3900-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
12708
Expires
Sat, 23 Dec 2023 03:22:50 GMT
custom-js.v2.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/custom-js.v2.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
46644aaad8843319dedfa3158c5aec8b184fc8b9d617c198d5cd6160df96b014
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:49 GMT
ETag
"328c-60567d71c7240-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=92
Content-Length
2669
Expires
Sat, 23 Dec 2023 03:22:50 GMT
fontfaceobserver.standalone.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/fontfaceobserver.standalone.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
cd8f0f9aae01baf9559b5da01df40a472f7650065c58da90cc14b6f4f71d96a9
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:49 GMT
ETag
"10c9-60567d71c7240-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
1646
Expires
Sat, 23 Dec 2023 03:22:50 GMT
infinite-scroll.pkgd.min.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/ 		31 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/infinite-scroll.pkgd.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
33b330a25abb736e839db1436956557f8df2513a3a2ed53cafb266b439c72c31
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 16:00:16 GMT
ETag
"7d26-60567e3730400-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
7656
Expires
Sat, 23 Dec 2023 03:22:50 GMT
loader-wheel.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/loader-wheel.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
cccc31c44e52e0936cdc1fb8b7d0848f577730b6e364623f50e6f37c3dea517c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:28 GMT
ETag
"805-60567d5dc0300-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
657
Expires
Sat, 23 Dec 2023 03:22:50 GMT
videojs.ima.min.css
cdn.jsdelivr.net/combine/npm/video.js@7/dist/video-js.min.css,npm/videojs-ima@1/dist/ 		43 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/combine/npm/video.js@7/dist/video-js.min.css,npm/videojs-ima@1/dist/videojs.ima.min.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29713a046e7f0e61220813ddd475ede4aaaf8545dea6d6fc7324baa2e5f5630a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
23302
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230061-FRA
server
cloudflare
etag
W/"aba5-DpZPpr9mRvt7Jccv93qQUvnrFLw"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c4%2FKP7eRGc2TzTsGIxwzrxfD48U6M77HJ0MpiBbvBp0R6uhhTJ7p0lGfXN1rC7TGeYvwB8ERtIeN4cR4Y6quATx0V6KhnyjzGaUSTAkEF92wgYeQlwKlY1cpzwRXd79voDkr96vVxk5Is109PCs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82a64a3d3d584d38-FRA
zh-TW.min.js
cdn.jsdelivr.net/combine/npm/video.js@7/dist/video.min.js,npm/video.js@7/dist/lang/ 		579 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/combine/npm/video.js@7/dist/video.min.js,npm/video.js@7/dist/lang/zh-TW.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6b1060a3c5b759851db2f01e2adf23dd572f4b9e163f9db8c1c9f8e606aa6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
19180
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230038-FRA
server
cloudflare
etag
W/"90de0-xhqWLrjaDCZptSwchiXmeSDjR/Q"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOm0fSuKb%2Fkou4msHBMPvQWSXi9rIVrEEowh3TCpKJpq6g9JUtF536Yuv4xElFur7Zckj%2Bz0oBKohGVmOfARe36IBQxqvv%2BVTMI8vr1oUsWB3CsxXYJWbRAO11FTgGZGUxU2xdcTTHctY8fvZIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82a64a3d3d594d38-FRA
videojs.ads.css
googleads.github.io/videojs-ima/node_modules/videojs-contrib-ads/dist/ 		975 B
729 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://googleads.github.io/videojs-ima/node_modules/videojs-contrib-ads/dist/videojs.ads.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id
7ea752b434d65a108e2ab4a2c54ec4c072484dea
date
Thu, 23 Nov 2023 03:22:49 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
4
age
532
x-cache
HIT
x-proxy-cache
HIT
content-length
321
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 08 Jun 2022 15:35:36 GMT
server
GitHub.com
x-github-request-id
9350:3684:B3752A:B64E90:655C0CB8
x-timer
S1700709770.804662,VS0,VE1
etag
W/"62a0c1c8-3cf"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Tue, 21 Nov 2023 01:57:18 GMT
videojs.ima.css
googleads.github.io/videojs-ima/dist/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://googleads.github.io/videojs-ima/dist/videojs.ima.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id
11edcda0839221723e2d1351ca30e6970744fe55
date
Thu, 23 Nov 2023 03:22:49 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
2
age
49
x-cache
HIT
x-proxy-cache
MISS
content-length
1300
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 08 Jun 2022 15:35:36 GMT
server
GitHub.com
x-github-request-id
5D90:C002:B45167:B72A2B:655C0CB8
x-timer
S1700709770.813548,VS0,VE0
etag
W/"62a0c1c8-eda"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
expires
Tue, 21 Nov 2023 01:59:44 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128094
x-xss-protection
0
expires
Thu, 23 Nov 2023 03:22:49 GMT
videojs.ads.min.js
googleads.github.io/videojs-ima/node_modules/videojs-contrib-ads/dist/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.github.io/videojs-ima/node_modules/videojs-contrib-ads/dist/videojs.ads.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
8083a510108bfa2848c613baf8f1823af26a8dab1bb0907b8b0a06aebac5f226

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id
cd7a880065e8c6335e46d7578d0afe443dd74981
date
Thu, 23 Nov 2023 03:22:49 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
62
x-cache
HIT
x-proxy-cache
HIT
content-length
7749
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 08 Jun 2022 15:35:36 GMT
server
GitHub.com
x-github-request-id
D152:7B63:B75CE7:BA3561:655C0CB4
x-timer
S1700709770.813535,VS0,VE1
etag
W/"62a0c1c8-6e7b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 21 Nov 2023 01:56:42 GMT
videojs.ima.js
googleads.github.io/videojs-ima/dist/ 		108 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.github.io/videojs-ima/dist/videojs.ima.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
d8dc9ff3be784339ada63c195eeb154457467685b060cb84175ec0e097f17232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-fastly-request-id
f896a3e593bbc54d7057edeeabf3714376ca997b
date
Thu, 23 Nov 2023 03:22:49 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
1
age
53
x-cache
HIT
x-proxy-cache
MISS
content-length
21700
x-served-by
cache-fra-eddf8230021-FRA
last-modified
Wed, 08 Jun 2022 15:35:36 GMT
server
GitHub.com
x-github-request-id
463E:C888:B79708:BA5C1E:655C0CB8
x-timer
S1700709770.813632,VS0,VE1
etag
W/"62a0c1c8-1b074"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=600
permissions-policy
interest-cohort=()
accept-ranges
bytes
x-origin-cache
HIT
expires
Tue, 21 Nov 2023 01:59:45 GMT
matomo-media-analytics.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/matomo/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/external/matomo/js/matomo-media-analytics.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
80c3268005aa7ea79445da7db8c7d532073d8b20864d376bedf41fce04c5bbdd
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:59:25 GMT
ETag
"2d58-60567e068d140-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
2942
Expires
Sat, 23 Dec 2023 03:22:50 GMT
detail-custom.js
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/detail/detail-custom.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
b5a046ab6554193a0a28f5358b21f0d9fab74dad235399b4c0438e2120d32438
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:49 GMT
ETag
"1075b-60567d71c7240-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=91
Content-Length
14080
Expires
Sat, 23 Dec 2023 03:22:50 GMT
detail-custom.css
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/detail-custom.css
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
e68247c8b25bfdb37ff78838c59a4debe84e279e27e1c98b2fdbe76a98b2eeda
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Content-Encoding
gzip
Last-Modified
Fri, 15 Sep 2023 15:56:28 GMT
ETag
"999-60567d5dc0300-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
968
Expires
Sat, 23 Dec 2023 03:22:50 GMT
css
fonts.googleapis.com/ 		120 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/vendor.css?23.11.2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fdb69e7e1ea61be2e37d528e724f3756f79446902b89f4e8db5fff26e48d032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 03:22:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 02:38:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 03:22:48 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:28:32 GMT
content-encoding
gzip
via
1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P5
age
64458
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
nQLP_Kt8DM-JqKjbBXZLLiUeK5h6s4TzWL5DMxW9mXqdD2dirWrA1Q==
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 Nov 2023 03:22:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
2KeLZuC0VWUdGDG2EDKA8uouv5epmHZpH/+AtjbAj4wtkQDW2GVVS+FZ3fcwrzzkYFiTJHEEN0NlssJ0JwJo1Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
sdk.js
connect.facebook.net/zh_HK/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
265088dac706e7d3a7200e6c83b6714dfaf3f445eb35db0977f16dc3ca4beab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 03:22:49 GMT
content-md5
qVB01V7CAc+up1RJcMnKKg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
reporting-endpoints
x-fb-debug
vbBi8zmn11Ql2VMaOTqfcg3NLo+gMUjken0pPQ3jJHdEe+j9/o5aa9M+/yM06O0d9GPgzalVLIo4ofMOQSq1XQ==
x-fb-content-md5
477474f188cb602a5059a676fd10a685
cross-origin-opener-policy
same-origin-allow-popups
etag
"6973fbf1495f0c0aaa5522a4516a8fa3"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:35:32 GMT
css
fonts.googleapis.com/ 		120 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/bootstrap.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9fdb69e7e1ea61be2e37d528e724f3756f79446902b89f4e8db5fff26e48d032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 23 Nov 2023 03:22:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 03:22:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 23 Nov 2023 03:22:49 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76CyzC1Etw.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76CyzC1Etw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f48f869351e83d4560d4feb1ec75cbf662184a580ea4c8b5d2987e49f4f8df42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 00:56:57 GMT
x-content-type-options
nosniff
age
440752
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13284
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:24:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 00:56:57 GMT
gpt.js
www.googletagservices.com/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/js/dfp-adzone.js?23.11.2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3186217ff9c790be8a33ae12258d890a2c0bd71ce9dd4cff81011a09fbb97c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31761
x-xss-protection
0
server
cafe
etag
202 / 19684 / 31079657 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:50 GMT
gtm.js
www.googletagmanager.com/ 		305 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KGZHX8
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79b754061ea6d9ed7d152a9a3831040697bcb5d3e070dc3d807c01a948376105
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100948
x-xss-protection
0
last-modified
Thu, 23 Nov 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 23 Nov 2023 03:22:50 GMT
ul-logo.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ul-logo.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
ea1298e995f4c8c2b97929c800db9461b4a6b7136812c94806d0b3db16c61735
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:24 GMT
ETag
"18c5-60567d59efa00"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
6341
skypost-logo.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/skypost-logo.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
31e290b06113d4b8c9b95fe634c5081ab12b98f9af10a964c123ad27d016b404
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:24 GMT
ETag
"1746-60567d59efa00"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
5958
ul-menu-indicator.png
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ul-menu-indicator.png
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
02c59db0731b0bc5227b6f889af4785ed5fbd85dce45c8436a1b084917926b4e
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:25 GMT
ETag
"b4f-60567d5ae3c40"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
2895
Expires
Sat, 23 Dec 2023 03:22:49 GMT
user-btn.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		638 B
951 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/user-btn.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
c5a6bde4e360dfba28ef07c5c0eb4472d77732aab25df5f27a4cccedd5afbbd3
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:25 GMT
ETag
"27e-60567d5ae3c40"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
638
search-btn.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		824 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/search-btn.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
2b6b53229fd9528d67b19f000808a41a7531aeb6f4e1f3da7b15e98e3926ad2d
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:23 GMT
ETag
"338-60567d58fb7c0"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
824
tag-01.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		730 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/tag-01.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
f9465a31e6f0419ff8a04bf1047a3c4e32f1fa28a6f3739155613d013a3aa362
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:24 GMT
ETag
"2da-60567d59efa00"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=90
Content-Length
730
share-02.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		662 B
975 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/share-02.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
b1ae991c28fca9bd42a593edfe73f33389cc97355e39dbf2c714138f08e0a65c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:23 GMT
ETag
"296-60567d58fb7c0"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
662
share-03.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/share-03.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
405d9f2df1b22f4f56eca675991ff612eebe09f1814636c8087b272dabad04e2
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:23 GMT
ETag
"5cd-60567d58fb7c0"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1485
share-07.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/share-07.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
c35f3652c78bac5f88f72e52b9b5555f0758152c2517da0904eadf8c0b880a84
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:24 GMT
ETag
"28c8-60567d59efa00"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
10440
share-04.svg
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/img/share-04.svg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
f0889f69a457b96d82e906ee9a3626961e347163b00e1fbd59b544e9aa07cc65
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/skypost-global.css?23.11.2023
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:23 GMT
ETag
"469-60567d58fb7c0"
Content-Type
image/svg+xml
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=93
Content-Length
1129
NotoSansTC-Medium.woff2
fonts.gstatic.com/ea/notosanstc/v1/ 		2 MB
2 MB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Medium.woff2
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/vendor/vendor.css?23.11.2023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a6bb08a5e63caa34a8b3e515b8d9c54006aa42674b139d945b55d83850ca87b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:22:48 GMT
x-content-type-options
nosniff
age
464401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1893252
x-xss-protection
0
last-modified
Mon, 26 Oct 2015 23:53:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:22:48 GMT
fontawesome-webfont.woff2
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/font-awesome-4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/font-awesome.min.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

Referer
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/detail/font-awesome.min.css
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:49 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:56 GMT
ETag
"12d68-60567d7874200"
Content-Type
font/woff2
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
77160
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.119.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.119.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0e0b37dbd0c68559d6f6f2895422cc9efdeb440f489cb66564637adc5178b31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:39:37 GMT
x-content-type-options
nosniff
age
470592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19296
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:24:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 16:39:37 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.118.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.118.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a1760175c4829fcfa5c9961a397a8414bb3e0f06588f9b6e2514c2f46c8fc849
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:09:41 GMT
x-content-type-options
nosniff
age
457988
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32184
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:21:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 20:09:41 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.114.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.114.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdfd4928ea6d4ac57cfef13e5190cca59317d6afc36d4d43db908106a51a5f2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 23:35:54 GMT
x-content-type-options
nosniff
age
445615
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38152
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:44:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 23:35:54 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.117.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.117.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aeb1decdb629f8f24ae2e1d8143a5a18bfc58eb703d0d3092fa42b8553ebe89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 03:18:04 GMT
x-content-type-options
nosniff
age
432285
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35520
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:24:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 03:18:04 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.116.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.116.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f8d8c225b88ae3d0c58f0e0f099e2c1beb1a9938f4045466cdd0255cf5b92fec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 17:55:58 GMT
x-content-type-options
nosniff
age
379611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38232
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:21:15 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 17:55:58 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.115.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.115.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b64b0ee7f30a386bf838a308feb90a73327fd94c6260788280b5a03a056cdf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:39:37 GMT
x-content-type-options
nosniff
age
470592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39204
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 19:33:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 16:39:37 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.112.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		39 KB
39 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.112.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58a190b59bc5893fa1f777d2908275417cfb88b820fd3ca445e39daef5c75ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 22:46:41 GMT
x-content-type-options
nosniff
age
448568
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39436
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:39:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 22:46:41 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.108.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.108.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4c5deb0904f253c7bd6b52af0d31a8e7c6238937164d87f008026d79c416be6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 21:54:39 GMT
x-content-type-options
nosniff
age
106090
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37624
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 19:33:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 21:54:39 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.107.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.107.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
179b15acd8ca0536aa7e1ae6f4ce41fbb98e38c422de982b5667a7ab74b1c677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:01:37 GMT
x-content-type-options
nosniff
age
566472
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38592
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:50:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 14:01:37 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.104.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.104.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
175fbcebe8029e8cf3317e975e780e0f3c87636872b9cb7f1b8088eda78e0be1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:30:28 GMT
x-content-type-options
nosniff
age
528741
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35832
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:45:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 00:30:28 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.102.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.102.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74a4bbcf759335d2abbfcff4d9d7c950b5dff849d914b902d65daae2f0ecda5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:45:10 GMT
x-content-type-options
nosniff
age
527859
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33792
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:39:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 00:45:10 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.113.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.113.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f414e3c1d1c10accc9c96990cc048fd4099cf51f40b83ca5309156272d0b8c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 02:46:52 GMT
x-content-type-options
nosniff
age
434157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38744
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:39:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 02:46:52 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.110.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		40 KB
40 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.110.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89afdc7fe233e76817f80a51e7535910ab2e26207c03c926445fe0d9e6eb1132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 07:30:40 GMT
x-content-type-options
nosniff
age
417129
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41260
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:25:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 07:30:40 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.109.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.109.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3cd3e231c218db08c50e1985e14dde445be53587951bd3b03b4b3428aefe955e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:05:36 GMT
x-content-type-options
nosniff
age
22633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38624
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:27:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 21:05:36 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.105.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.105.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
002d2171a43d4e05579e2db6040c5d7d6d274fa2bb94f802ff861ad59418f6e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 05:44:54 GMT
x-content-type-options
nosniff
age
423475
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35884
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:45:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 05:44:54 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.25.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.25.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0902b81e94b6897f5fb84ac00b890253e072a6ae2c88ddd4cc64c229d8e794b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 10:25:35 GMT
x-content-type-options
nosniff
age
61034
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23100
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:57:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 10:25:35 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.106.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		37 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.106.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcd730937eeac76804b3b4781e93a1fd5a286b7a8fd264e31a6689b44ffac9b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:02:42 GMT
x-content-type-options
nosniff
age
472807
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38212
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:31:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 16:02:42 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.89.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		6 KB
6 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.89.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8a09c943e2d1e2d0af21727f888631df112989530c4238d98bc48122335ebc2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 00:53:31 GMT
x-content-type-options
nosniff
age
440958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5948
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:44:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 00:53:31 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.111.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.111.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
029799b41b6f65997ee2bd3b29e68457bff53c5c2fc1ee4026441e79522953eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 01:35:26 GMT
x-content-type-options
nosniff
age
438443
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46032
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:21:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 01:35:26 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.100.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.100.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23e6ff9c64368e7bf2923ce774ba68129d7533523280a225a4c41d33ef7cbf6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 12:26:48 GMT
x-content-type-options
nosniff
age
140161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33676
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:29:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 12:26:48 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.7.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7041b1fd49fbbf4c98023ebc17d4cfa3111def4311b3b060f916de12ef2ba6b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 05:02:44 GMT
x-content-type-options
nosniff
age
512405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:24:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 05:02:44 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.51.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.51.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
17c893ad6bb1638d92c2c1ce6880e1cca66643833e6e0181d757e408bb02369d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 13:59:01 GMT
x-content-type-options
nosniff
age
393828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23300
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:24:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 13:59:01 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.101.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.101.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2106ee53574ad968420d53c9f003456544987d87c7cf42d310d6c86c4dc6f72d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 11:38:43 GMT
x-content-type-options
nosniff
age
402246
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32308
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 19:33:16 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Nov 2024 11:38:43 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.43.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.43.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12d807fa508444da8401a9e0889821ae894e35bccfea991748db1fde0f6935ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 05:05:29 GMT
x-content-type-options
nosniff
age
512240
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21552
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:57:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 05:05:29 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.66.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.66.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37275e1fc5b5794b30a813f92291a5ab070b71df748575bc21655c847f9de9e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 11:02:01 GMT
x-content-type-options
nosniff
age
145248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26164
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:57:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 11:02:01 GMT
-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.103.woff2
fonts.gstatic.com/s/notosanstc/v35/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/notosanstc/v35/-nFuOG829Oofr2wohFbTp9ifNAn722rq0MXz76Cy_C8mrWSt1KeqzFVoizG-KdWhyhvKuGOf8EUcrq3YKp7nxxk.103.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans+TC&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82a2ad7bb2666262cf73fefc2aaeb775065c6c19ac308ca028583b5298a57618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 11:37:18 GMT
x-content-type-options
nosniff
age
488731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37016
x-xss-protection
0
last-modified
Tue, 15 Aug 2023 18:39:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 11:37:18 GMT
b
sb.scorecardresearch.com/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=17810411&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1700709770064&ns_c=UTF-8&c7=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&c8=%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A%EF%BD%9CWWF%E5%A4%A5%E4%B8%AD%E5%A4%A7%E6%8B%AF%E6%95%91%E7%8F%8A%E7%91%9A%E7%A2%8E%E5%A1%8A%E6%88%90%E5%8A%9F%20%E5%BE%A9%E8%82%B2%E5%AD%98%E6%B4%BB%E7%8E%87%E9%81%9497.5%25%20-%20%E6%99%B4%E5%A0%B1%20-%20%E6%99%82%E4%BA%8B%20-%20%E8%A6%81%E8%81%9E%20-%20D221026&c9=
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.60.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-60-76.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
via
1.1 62e2e45895008240d70f26081269c850.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA60-P5
x-amz-cf-id
vFDwP2Lf417OYqthSp6mBH7-TqsGHrL4eKmmu8Td5LPBymYcd66w3Q==
x-cache
Miss from cloudfront
sdk.js
connect.facebook.net/zh_HK/ 		297 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js?hash=3317b735c7f0a6779b8bd7a23135d36c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6e2a76138f083849e39f8d2d1c6d881bcc895298cace4f2f11c8d7b2a02ca27e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Origin
https://skypost.ulifestyle.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 03:22:50 GMT
content-md5
Ng0F8GBGthZo3E2Shjx8XA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87043
reporting-endpoints
x-fb-debug
z1hQU/nXcNOLpMwROYH0Ayz9qbrKb9HAQGNpY0y8FSA2WR0+JSBiuSkpfVIH6PZ/2pu4YzjHaQapL5dBC9QMAw==
x-fb-content-md5
2c683efb173ae9c96532446b60c8aaaa
cross-origin-opener-policy
same-origin-allow-popups
etag
"49ff1779e12ec366183bbb3257dbcbbc"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Fri, 22 Nov 2024 03:15:33 GMT
565689500262854
connect.facebook.net/signals/config/ 		133 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/565689500262854?v=2.9.138&r=stable&domain=skypost.ulifestyle.com.hk
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c120371acb29bac61a92ec2ab37fbd4aaa61e80b3772e598a0b69d5920f1141f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 23 Nov 2023 03:22:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
eT0p0UGU8A92bBFsPvMBly21cfOwQkYyFWLE2oih2Fwxywj1/B4kC0Kx/XGgN0ttdTX6OdEVJHEVnAd/bCxwHA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 11:22:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
57606
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 21 Nov 2024 11:22:44 GMT
js
www.googletagmanager.com/gtag/ 		217 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-S71J3438QJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGZHX8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6cf78fe6a8c78cc6924428dabd506a14966dcfc57a2ebcb7524edf93119f081f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78971
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 03:22:50 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/787758091/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/787758091/?random=1700709770162&cv=11&fst=1700709770162&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71748663&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&label=Skypost%20Google%20Ad%20tag&hn=www.googleadservices.com&frm=0&tiba=%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A%EF%BD%9CWWF%E5%A4%A5%E4%B8%AD%E5%A4%A7%E6%8B%AF%E6%95%91%E7%8F%8A%E7%91%9A%E7%A2%8E%E5%A1%8A%E6%88%90%E5%8A%9F%20%E5%BE%A9%E8%82%B2%E5%AD%98%E6%B4%BB%E7%8E%87%E9%81%9497.5%25%20-%20%E6%99%B4%E5%A0%B1%20-%20%E6%99%82&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGZHX8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d5d43209904eaf07e008f99cb33f081d9d77e06718e8b4ebeac92c7dbce93de4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1462
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGZHX8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 23 Nov 2023 01:49:38 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
5592
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Thu, 23 Nov 2023 03:49:38 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=565689500262854&ev=PageView&dl=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&rl=&if=false&ts=1700709770244&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1700709770243.1749936114&ler=empty&it=1700709770109&coo=false&rqm=GET
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 23 Nov 2023 03:22:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-S71J3438QJ&gtm=45je3b81v9167724431z871748663&_p=1700709769774&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=95362296.1700709770&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700709770&sct=1&seg=0&dl=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&dt=%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A%EF%BD%9CWWF%E5%A4%A5%E4%B8%AD%E5%A4%A7%E6%8B%AF%E6%95%91%E7%8F%8A%E7%91%9A%E7%A2%8E%E5%A1%8A%E6%88%90%E5%8A%9F%20%E5%BE%A9%E8%82%B2%E5%AD%98%E6%B4%BB%E7%8E%87%E9%81%9497.5%25%20-%20%E6%99%B4%E5%A0%B1%20-%20%E6%99%82%E4%BA%8B%20-%20%E8%A6%81%E8%81%9E%20-%20D221026&en=page_view&_fv=1&_nsi=1&_ss=1&ep.service=article&ep.content_id=3384147&ep.content_type=article&ep.category=NA&ep.video_program=NA&ep.author=NA&ep.tag_list=%E7%92%B0%E4%BF%9D%E6%8E%AA%E6%96%BD%2C%E8%87%AA%E7%84%B6%E4%BF%9D%E8%82%B2%2C%E6%B5%B7%E6%B4%8B%E5%9E%83%E5%9C%BE%2C%E9%A6%99%E6%B8%AF%E4%B8%AD%E6%96%87%E5%A4%A7%E5%AD%B8%2C%E7%8F%8A%E7%91%9A&ep.publish_date=2022-10-26&ep.channel=skypost&ep.primary_main_cate=%E6%99%82%E4%BA%8B&ep.primary_sub_cate=%E8%A6%81%E8%81%9E&ep.page_url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&ep.page_name=%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A%EF%BD%9CWWF%E5%A4%A5%E4%B8%AD%E5%A4%A7%E6%8B%AF%E6%95%91%E7%8F%8A%E7%91%9A%E7%A2%8E%E5%A1%8A%E6%88%90%E5%8A%9F%20%E5%BE%A9%E8%82%B2%E5%AD%98%E6%B4%BB%E7%8E%87%E9%81%9497.5%25&tfd=3347
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-S71J3438QJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/787758091/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/787758091/?random=1700709770162&cv=11&fst=1700708400000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71748663&u_w=1600&u_h=1200&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&label=Skypost%20Google%20Ad%20tag&frm=0&tiba=%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A%EF%BD%9CWWF%E5%A4%A5%E4%B8%AD%E5%A4%A7%E6%8B%AF%E6%95%91%E7%8F%8A%E7%91%9A%E7%A2%8E%E5%A1%8A%E6%88%90%E5%8A%9F%20%E5%BE%A9%E8%82%B2%E5%AD%98%E6%B4%BB%E7%8E%87%E9%81%9497.5%25%20-%20%E6%99%B4%E5%A0%B1%20-%20%E6%99%82&fmt=3&is_vtc=1&cid=CAQSGwDICaaNVDlEebc_zCJ9V8u4w5OrG_Bn07vTLQ&random=552087670&rmt_tld=0&ipr=y
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:50 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/787758091/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/787758091/?random=1700709770162&cv=11&fst=1700708400000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71748663&u_w=1600&u_h=1200&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&label=Skypost%20Google%20Ad%20tag&frm=0&tiba=%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A%EF%BD%9CWWF%E5%A4%A5%E4%B8%AD%E5%A4%A7%E6%8B%AF%E6%95%91%E7%8F%8A%E7%91%9A%E7%A2%8E%E5%A1%8A%E6%88%90%E5%8A%9F%20%E5%BE%A9%E8%82%B2%E5%AD%98%E6%B4%BB%E7%8E%87%E9%81%9497.5%25%20-%20%E6%99%B4%E5%A0%B1%20-%20%E6%99%82&fmt=3&is_vtc=1&cid=CAQSGwDICaaNVDlEebc_zCJ9V8u4w5OrG_Bn07vTLQ&random=552087670&rmt_tld=1&ipr=y
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:50 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1231077867&t=pageview&_s=1&dl=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&ul=en-us&de=UTF-8&dt=%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A%EF%BD%9CWWF%E5%A4%A5%E4%B8%AD%E5%A4%A7%E6%8B%AF%E6%95%91%E7%8F%8A%E7%91%9A%E7%A2%8E%E5%A1%8A%E6%88%90%E5%8A%9F%20%E5%BE%A9%E8%82%B2%E5%AD%98%E6%B4%BB%E7%8E%87%E9%81%9497.5%25%20-%20%E6%99%B4%E5%A0%B1%20-%20%E6%99%82%E4%BA%8B%20-%20%E8%A6%81%E8%81%9E%20-%20D221026&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACACI~&jid=1238752370&gjid=1375630498&cid=95362296.1700709770&tid=UA-45611067-1&_gid=1034550624.1700709770&_r=1&_slc=1&gtm=45He3b81n71KGZHX8v71748663&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=209930705
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-a9a7"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:22:50 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 07:38:20 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
71071
x-amz-server-side-encryption
AES256
etag
W/"e073e71ed7a44e6f9cdd72904fda5940"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
2cs2PpqLZP2IFypMKyaqkT4qcjTjy2Yn8xJks3qZ0fMp1uzzKujb2g==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:2400:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date
Wed, 22 Nov 2023 10:03:28 GMT
Via
1.1 d13436be9e793d00b0273db3f7904816.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P2
Age
62363
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
Connection
keep-alive
Content-Length
2776
Last-Modified
Thu, 19 Oct 2023 06:40:11 GMT
Server
AmazonS3
ETag
"a3a9a9ee8e72db69d54e805f0586c651"
Content-Type
text/javascript
Accept-Ranges
bytes
X-Amz-Cf-Id
NRQ9Vn5OqIkhwg_A2pjTHGyEbR-LQ7_lnKaf9zjAeM-z1icG5IQ57w==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:28:48 GMT
content-encoding
gzip
age
626042
x-guploader-uploadid
ABPtcPorK7SdOx9D0-XbxZI-ucFoefeNDDoBI41rnJAKBKLzpPyd_Ilsabixqvym6_79HuCGK2OQIo2s49jtCyg8m0eHLqvG-9Ou
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 14 Nov 2024 21:28:48 GMT
esp.js
cdn.id5-sync.com/api/1.0/ 		156 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 08:19:05 GMT
server
cloudflare
x-amz-request-id
07BJQWB9195172HN
age
3017
etag
W/"6d1031a5affe091aafc4dbcf111418ee"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82a64a40bd892c3e-FRA
x-amz-id-2
S3yxUZWKnY20mFwJCF1xptQa5WDIOXl44+dnD+Z+x2RxOPfs4WBqnV/DU2cvl9kDpuBhjJqzsMU=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2263
x-jsd-version
master
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230065-FRA
x-jsd-version-type
branch
server
cloudflare
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rsxMfe3jv3Z%2F9aKJ1jQgNRTkeFcRA8p5cIJoSQ3ZqD%2BmRTnUaMDkBDo3oxuUPz3NioSxyLZGGifQSNdqe2%2FG4moiyQ1j5r4exyZWDoCtHwG9rbvZeHnleKFtTcUCobYfW6fsPEK1VOKNArXgxhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82a64a40af864d38-FRA
ads
securepubads.g.doubleclick.net/gampad/ 		806 B
961 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=3093738799834703&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=183518426%2CSkyPost_WebRP5_Detail_Fixed01&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x160%7C970x90%7C728x90&ifi=1&didk=3879672765&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700709770322&lmt=1700709770&adxs=200&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1600&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&dlt=1700709768198&idt=2089&prev_scp=article_id%3D3384147%26section_id%3D503001001%26title%3D%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A%25EF%25BD%259CWWF%25E5%25A4%25A5%25E4%25B8%25AD%25E5%25A4%25A7%25E6%258B%25AF%25E6%2595%2591%25E7%258F%258A%25E7%2591%259A%25E7%25A2%258E%25E5%25A1%258A%25E6%2588%2590%25E5%258A%259F%2520%25E5%25BE%25A9%25E8%2582%25B2%25E5%25AD%2598%25E6%25B4%25BB%25E7%258E%2587%25E9%2581%259497.5%2525%26section%3D%25E6%2599%2582%25E4%25BA%258B%2C%25E8%25A6%2581%25E8%2581%259E%26environment%3Dprod%26formal_tag%3D%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E8%2587%25AA%25E7%2584%25B6%25E4%25BF%259D%25E8%2582%25B2%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E6%25B1%25A1%25E6%259F%2593%2C%25E6%25B5%25B7%25E6%25B4%258B%25E5%259E%2583%25E5%259C%25BE%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%25AD%25B8%25E6%25A0%25A1%2C%25E9%25A6%2599%25E6%25B8%25AF%25E4%25B8%25AD%25E6%2596%2587%25E5%25A4%25A7%25E5%25AD%25B8%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%258B%2595%25E7%2589%25A9%25E5%2593%2581%25E7%25A8%25AE%2C%25E7%258F%258A%25E7%2591%259A%26keyword%3D%25E7%258F%258A%25E7%2591%259A%2C%25E6%25B5%25B7%25E6%25B4%258B%2CWWF%2C%25E4%25B8%25AD%25E5%25A4%25A7%2C%25E7%2594%259F%25E7%2589%25A9%2C%25E5%2585%25AC%25E5%259C%2592%2C%25E7%25A2%258E%25E5%25A1%258A%2C%25E5%25B8%2582%25E6%25B0%2591%2C%25E4%25B8%25AD%25E5%25BF%2583%2C%25E7%2595%25B6%25E5%25B1%2580%2C%25E8%2587%25AA%25E7%2584%25B6%2C%25E7%25A7%2591%25E5%25AD%25B8%2C%25E5%25AD%25B8%25E9%2599%25A2%2C%25E9%25A6%2599%25E6%25B8%25AF%2C%25E5%2585%25AC%25E6%25B0%2591%2C%25E8%25A8%2588%25E5%258A%2583%2C%25E7%25A7%2591%25E5%25AD%25B8%25E5%25AE%25B6%2C%25E6%2583%2585%25E6%25B3%2581%2C%25E6%25B4%25BB%25E5%258B%2595%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%2C%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25AE%25A3%25E5%2582%25B3%2C%25E6%25B0%2591%25E9%2596%2593%2C%25E5%2588%2586%25E6%259C%2583%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25B4%2594%25E4%25BD%25A9%25E6%2580%25A1%2C%25E5%259C%25B0%25E9%25BB%259E%2C%25E7%2594%259F%25E6%2585%258B%2C%25E4%25BF%259D%25E8%2582%25B2%25E5%258D%2580%2C%25E5%259C%2598%25E9%259A%258A&adks=2271718335&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be23569a73bc0e573dee6b6357ba6a92fd8e2d72196a8e2f6af6075018d6f352
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
435
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=3093738799834703&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=183518426%2CSkyPost_WebRP5_Refresh&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&didk=9890282&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700709770331&lmt=1700709770&adxs=200&adys=20&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1600&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&dlt=1700709768198&idt=2089&prev_scp=article_id%3D3384147%26section%3D%25E6%2599%2582%25E4%25BA%258B%2C%25E8%25A6%2581%25E8%2581%259E&adks=706072362&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1ade89ad9704a077e9296a84bb7b84528d0872c4d291f7352fbf7dd87b34c604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12339
x-xss-protection
0
google-lineitem-id
5822052620
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138321115792
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
17 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=3093738799834703&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=183518426%2CSkyPost_WebRP5_Detail_Special&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=3&didk=2535676808&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700709770334&lmt=1700709770&adxs=0&adys=180&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=1600x1&msz=1x-1&fws=4&ohw=1600&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&dlt=1700709768198&idt=2089&prev_scp=article_id%3D3384147%26section_id%3D503001001%26title%3D%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A%25EF%25BD%259CWWF%25E5%25A4%25A5%25E4%25B8%25AD%25E5%25A4%25A7%25E6%258B%25AF%25E6%2595%2591%25E7%258F%258A%25E7%2591%259A%25E7%25A2%258E%25E5%25A1%258A%25E6%2588%2590%25E5%258A%259F%2520%25E5%25BE%25A9%25E8%2582%25B2%25E5%25AD%2598%25E6%25B4%25BB%25E7%258E%2587%25E9%2581%259497.5%2525%26section%3D%25E6%2599%2582%25E4%25BA%258B%2C%25E8%25A6%2581%25E8%2581%259E%26environment%3Dprod%26formal_tag%3D%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E8%2587%25AA%25E7%2584%25B6%25E4%25BF%259D%25E8%2582%25B2%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E6%25B1%25A1%25E6%259F%2593%2C%25E6%25B5%25B7%25E6%25B4%258B%25E5%259E%2583%25E5%259C%25BE%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%25AD%25B8%25E6%25A0%25A1%2C%25E9%25A6%2599%25E6%25B8%25AF%25E4%25B8%25AD%25E6%2596%2587%25E5%25A4%25A7%25E5%25AD%25B8%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%258B%2595%25E7%2589%25A9%25E5%2593%2581%25E7%25A8%25AE%2C%25E7%258F%258A%25E7%2591%259A%26keyword%3D%25E7%258F%258A%25E7%2591%259A%2C%25E6%25B5%25B7%25E6%25B4%258B%2CWWF%2C%25E4%25B8%25AD%25E5%25A4%25A7%2C%25E7%2594%259F%25E7%2589%25A9%2C%25E5%2585%25AC%25E5%259C%2592%2C%25E7%25A2%258E%25E5%25A1%258A%2C%25E5%25B8%2582%25E6%25B0%2591%2C%25E4%25B8%25AD%25E5%25BF%2583%2C%25E7%2595%25B6%25E5%25B1%2580%2C%25E8%2587%25AA%25E7%2584%25B6%2C%25E7%25A7%2591%25E5%25AD%25B8%2C%25E5%25AD%25B8%25E9%2599%25A2%2C%25E9%25A6%2599%25E6%25B8%25AF%2C%25E5%2585%25AC%25E6%25B0%2591%2C%25E8%25A8%2588%25E5%258A%2583%2C%25E7%25A7%2591%25E5%25AD%25B8%25E5%25AE%25B6%2C%25E6%2583%2585%25E6%25B3%2581%2C%25E6%25B4%25BB%25E5%258B%2595%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%2C%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25AE%25A3%25E5%2582%25B3%2C%25E6%25B0%2591%25E9%2596%2593%2C%25E5%2588%2586%25E6%259C%2583%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25B4%2594%25E4%25BD%25A9%25E6%2580%25A1%2C%25E5%259C%25B0%25E9%25BB%259E%2C%25E7%2594%259F%25E6%2585%258B%2C%25E4%25BF%259D%25E8%2582%25B2%25E5%258D%2580%2C%25E5%259C%2598%25E9%259A%258A&adks=3230286368&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63d8d638dec00fe4f552b8cbcf287532c1fbd482b59b5471e268fdc7054612ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16766
x-xss-protection
0
google-lineitem-id
6414237547
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138454712464
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		654 B
612 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=3093738799834703&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=183518426%2CSkyPost_WebRP5_Details_LightboxTop&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C320x50%7C300x100&ifi=4&didk=2028571597&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1700709770336&lmt=1700709770&adxs=0&adys=1900&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=1600x0&msz=1600x0&fws=4&ohw=1600&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&dlt=1700709768198&idt=2089&prev_scp=article_id%3D3384147%26section_id%3D503001001%26title%3D%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A%25EF%25BD%259CWWF%25E5%25A4%25A5%25E4%25B8%25AD%25E5%25A4%25A7%25E6%258B%25AF%25E6%2595%2591%25E7%258F%258A%25E7%2591%259A%25E7%25A2%258E%25E5%25A1%258A%25E6%2588%2590%25E5%258A%259F%2520%25E5%25BE%25A9%25E8%2582%25B2%25E5%25AD%2598%25E6%25B4%25BB%25E7%258E%2587%25E9%2581%259497.5%2525%26section%3D%25E6%2599%2582%25E4%25BA%258B%2C%25E8%25A6%2581%25E8%2581%259E%26environment%3Dprod%26formal_tag%3D%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E8%2587%25AA%25E7%2584%25B6%25E4%25BF%259D%25E8%2582%25B2%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E6%25B1%25A1%25E6%259F%2593%2C%25E6%25B5%25B7%25E6%25B4%258B%25E5%259E%2583%25E5%259C%25BE%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%25AD%25B8%25E6%25A0%25A1%2C%25E9%25A6%2599%25E6%25B8%25AF%25E4%25B8%25AD%25E6%2596%2587%25E5%25A4%25A7%25E5%25AD%25B8%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%258B%2595%25E7%2589%25A9%25E5%2593%2581%25E7%25A8%25AE%2C%25E7%258F%258A%25E7%2591%259A%26keyword%3D%25E7%258F%258A%25E7%2591%259A%2C%25E6%25B5%25B7%25E6%25B4%258B%2CWWF%2C%25E4%25B8%25AD%25E5%25A4%25A7%2C%25E7%2594%259F%25E7%2589%25A9%2C%25E5%2585%25AC%25E5%259C%2592%2C%25E7%25A2%258E%25E5%25A1%258A%2C%25E5%25B8%2582%25E6%25B0%2591%2C%25E4%25B8%25AD%25E5%25BF%2583%2C%25E7%2595%25B6%25E5%25B1%2580%2C%25E8%2587%25AA%25E7%2584%25B6%2C%25E7%25A7%2591%25E5%25AD%25B8%2C%25E5%25AD%25B8%25E9%2599%25A2%2C%25E9%25A6%2599%25E6%25B8%25AF%2C%25E5%2585%25AC%25E6%25B0%2591%2C%25E8%25A8%2588%25E5%258A%2583%2C%25E7%25A7%2591%25E5%25AD%25B8%25E5%25AE%25B6%2C%25E6%2583%2585%25E6%25B3%2581%2C%25E6%25B4%25BB%25E5%258B%2595%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%2C%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25AE%25A3%25E5%2582%25B3%2C%25E6%25B0%2591%25E9%2596%2593%2C%25E5%2588%2586%25E6%259C%2583%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25B4%2594%25E4%25BD%25A9%25E6%2580%25A1%2C%25E5%259C%25B0%25E9%25BB%259E%2C%25E7%2594%259F%25E6%2585%258B%2C%25E4%25BF%259D%25E8%2582%25B2%25E5%258D%2580%2C%25E5%259C%2598%25E9%259A%258A&adks=2547349904&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e90c2ee0d7e40dc5a12e34504a594435ccdb539a6db516339b051ed442f8a667
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
307
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BA2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:50 GMT
expires
Fri, 22 Nov 2024 03:22:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
stats.g.doubleclick.net/j/ 		4 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-45611067-1&cid=95362296.1700709770&jid=1238752370&gjid=1375630498&_gid=1034550624.1700709770&_u=YADAAEAAAAAAACACI~&z=1888834001
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Thu, 23 Nov 2023 03:22:50 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.81.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
fe1c6ec36843f2bc07356bfe20b6206fe0b30bad494da069987ae174aeb0864d

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:50 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache
x-server
10.45.24.172
access-control-allow-credentials
true
content-length
60
expires
0
increment
id5-sync.com/api/esp/ 		0
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:49 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
syncframe
gum.criteo.com/ Frame F4EE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=skypost.ulifestyle.com.hk
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:49 GMT
server
Kestrel
server-processing-duration-in-ticks
317473
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&rid=esp&cc=1
85 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&rid=esp&cc=1
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
75d1bad12957d3102a1f45e6f6c8e77d9c38f5b89cc3decbed2255b2e062ee09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-N3tnrgkKRVSW+W2YD5ec2S2O5hs"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Thu, 23 Nov 2023 03:22:50 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://skypost.ulifestyle.com.hk
location
/esp?url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45611067-1&cid=95362296.1700709770&jid=1238752370&_u=YADAAEAAAAAAACACI~&z=572593414
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-45611067-1&cid=95362296.1700709770&jid=1238752370&_u=YADAAEAAAAAAACACI~&z=572593414
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
matomo.js
dw.hketgroup.com/analysis01/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dw.hketgroup.com/analysis01/matomo.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.163.169.164 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-163-169-164.ap-east-1.compute.amazonaws.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.33 /
Resource Hash
88389fd24957a4486254f999972cfaa9721c31699bfa7e3003582572146c72bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 05:07:03 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.33
etag
"190b5-5efeaf0be1b47-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
sid
mug.criteo.com/ Frame F4EE
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=ulifestyle.com.hk&sn=ChromeSyncframe&so=0&topUrl=skypost.ulifestyle.com.hk&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=ZudaX3xTbmhidE1TdEV0a2x0aFgxVEhqRlovaDJ4WEJyMXRWQ01SZHZxRWpsZm44aDluRTJuaXQzU2ZzVllrTzh4RkFsZTZ5TmNjSUpKaUhDN0xobFY0Zmptd2hLbExrT3p6OUlXdEpwNUFjRlBmOW0rRThEOG5mNGgzUF...
457 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=ZudaX3xTbmhidE1TdEV0a2x0aFgxVEhqRlovaDJ4WEJyMXRWQ01SZHZxRWpsZm44aDluRTJuaXQzU2ZzVllrTzh4RkFsZTZ5TmNjSUpKaUhDN0xobFY0Zmptd2hLbExrT3p6OUlXdEpwNUFjRlBmOW0rRThEOG5mNGgzUFMxZXliT3BNTmJOUG1iRWlNemJJMUl1N3hZbk9uMkl4QVFHSHpUZk9Xd25HamEwS1owVEs3UjYrSW1SQlVUdDhyU25nVXdqSjV2SWZrTW52TVp3a3NkZ3VRUnFpWHVOc09NMjlyYk1pQ3h2Tkl1Y3NEMG1vV3NMbExrWUFwL0Qwa09ERWo3dmFKYXptZnRVc2JTT0xWMjVkVFlzdWgzRVpYclVxWTR4TWxybGtrMTVRSENUMD18&cppv=2
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f0da4334e68369f50115c56d60be133870c6c1ada928aca7d16d28bfd3e20e54
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:49 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
7157330
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:49 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=ZudaX3xTbmhidE1TdEV0a2x0aFgxVEhqRlovaDJ4WEJyMXRWQ01SZHZxRWpsZm44aDluRTJuaXQzU2ZzVllrTzh4RkFsZTZ5TmNjSUpKaUhDN0xobFY0Zmptd2hLbExrT3p6OUlXdEpwNUFjRlBmOW0rRThEOG5mNGgzUFMxZXliT3BNTmJOUG1iRWlNemJJMUl1N3hZbk9uMkl4QVFHSHpUZk9Xd25HamEwS1owVEs3UjYrSW1SQlVUdDhyU25nVXdqSjV2SWZrTW52TVp3a3NkZ3VRUnFpWHVOc09NMjlyYk1pQ3h2Tkl1Y3NEMG1vV3NMbExrWUFwL0Qwa09ERWo3dmFKYXptZnRVc2JTT0xWMjVkVFlzdWgzRVpYclVxWTR4TWxybGtrMTVRSENUMD18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
300956
content-length
0
expires
0
pd
google-bidout-d.openx.net/w/1.0/ Frame AF28 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Thu, 23 Nov 2023 03:22:50 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
view
securepubads.g.doubleclick.net/pcs/ Frame A3E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTTxwP6usv-bKKEDy-7HdzqH5XwbyL2LQMZwe6d5i4GNmFcNDpdOJGPZL0hDWI2KxyaRhPPb4VSMFmnm35wsn2zqPgH2wFT46G1aSAybEKP96vEDYlaRSeRzPFmaTV-VtuOJ0EQBFVHPplQSO0NeJqenRol4yD9zOHNns1pWrELhTVvZi-yAhNCh48IigzFr4qqle4UCoMauje_qV-EpUbAS-ROFacG9-airYn5nYXOTX2moBqUdjRZahKQaOgpUHu5Tckm_u2xupOqE7LKvICVGLESSzEVTdYdJ5I8ClK5dwllsMnkjk6bfLK_ESePvfo_6UEPuUZiOuyWJuV7jHCRVMvtb773JN-PrzZKA&sai=AMfl-YSNeog1zKJFOc7H4DZo2IcnsiI5nHCF7ox1W5iU9_IgxUVKkEwP0M7fadHGbtkoKabjV58ZNP9dKxCoGNr9x3dPnyxfYsCcrNZ2Ab9oNcY0zJ4Ck0VBnDPOXKBsOqQ&sig=Cg0ArKJSzMRe03aitXT5EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A3E0 		99 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
836a4c4652ed7b5e462cb50d7b9c45e727f3a0d3e488866ca5ee1c075f07f36e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30706
x-xss-protection
0
server
cafe
etag
449 / 19684 / 31079695 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:50 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A3E0 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F6CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZyjWWCaATIJ1PEeOm6uB72WSwTJKu4jEqhaAqZoGPMlVaYhlg0Uhkdz8SMlmBDoUzxzDjHX5T9OglfSphrUNbzmr7zypO_oqA7vEYTZtd8J2Yrg_7HnRUFmUoq-HnfDhtBbQALkR-pnGQUGO0R-qaVsgOkJLNmgG8BNGtiX-GS4aN0Edd0moIMuznxODZkQ8e13Gdz6KFKb0MJdLfifSt5gpiKjjNiR5soE6qNPVdbR2TaOw9kiWKzx411MmlZ7fcVwi2DkDPys-UPGT3RrYLJLMhYr4SWx065fjbzHY_yqH9YErOJnHNIKHAaqNQUKukDe0stpFhkB_WjzHZxGJmnb7U6g9LNxAVVsQiOPbnGlWX4lUEV_VGBUYk3pGFzpTiMfPT40Q&sai=AMfl-YTZRDWgzHXFIspuxoHsSv4qmbOy52Xz2NeaSim-kWckWTDcuQ69sn6zjjmgKIV9rrLC8oXeCm6d9-hzzCY1PyDi32AOccnySVog3WbY-VF-aPbqEsQWOnIVPmo2Ncg&sig=Cg0ArKJSzHW2TQ29P1YiEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F6CD 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:50 GMT
8589677390378230112
tpc.googlesyndication.com/simgad/
Redirect Chain
  • https://tpc.googlesyndication.com/pagead/imgad?id=CICAgODZm-iiqwEQARgBMgjl9qfJdW9uiA
  • https://tpc.googlesyndication.com/simgad/8589677390378230112
150 KB
150 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8589677390378230112
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ee8ec3167fd87372533a7cc8a396d5c5044c5244b03e29d6f83c9a86a581bac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:31:58 GMT
x-content-type-options
nosniff
age
532252
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153621
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 07:23:41 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Nov 2024 23:31:58 GMT

Redirect headers

date
Wed, 22 Nov 2023 17:38:26 GMT
x-content-type-options
nosniff
server
cafe
age
35064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/8589677390378230112
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 17:38:26 GMT
truncated
/ 		169 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
323dc26f8ee0afc0d832dbf81b96ac54e90a27a9a1b957ad0b7720f48e16a0b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A3E0 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f730486c300f81a8d7ed7ae6f664f0eaddba52e7ea6da8752e0e990d336b1b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/ Frame A3E0 		431 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:10:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
25956
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137994
x-xss-protection
0
server
cafe
etag
6213585212225905441
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 21 Nov 2024 20:10:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F6CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv36j_WhqR6IpmXmx8VnRSgbJX9N3PGYI9xMY_bt2Ajq1gnt1Naf140Nzf5Dl-KEFnwE7I84sZ1ME8gwZcaXgMQmg98hMDH3tXeUOjg5c4I-LFCO1P9JcWh3aC4e4ETKfG9fjkQwxvUA_PruJXKXeNXMuloLGVRe6hQ8CCplsYRscdcdySC0hfOYkvKuWQT_dHZUK6gjjkJbHUPy848ncCVjJuNUTnMZrvlcAOUOULIpsYDSQj_-sgOjpgmIbNOLO4W5M9oJ5Sr3l4Cy0L1Z9s-IA9RSJF6yyoXzcSO_Q0991uPHbJPubEqdzp221V8hzkCx6-1RYXM-7J96hiv9nA9syh8CEi1c0CsXb16m1vAUnVARjuqAW6JDuU&sai=AMfl-YSQ-hzHYxfoWiXn7l5T5xb98_Av-fWFe9CIreEMunmkGqWP9RqaOcZVqri5T147SyqkV-0W-P_D9neAlHEGg6xn5Ibz1RpUgglFftjzyhWnhE-qjyTExbZEZ-KNbLw&sig=Cg0ArKJSzLDU4p5XdEyhEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 03:22:50 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame A3E0 		552 KB
43 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1951133771090687&correlator=1299661576927397&eid=31079671%2C31079233%2C31079239%2C31079695%2C31079525&output=ldjh&gdfp_req=1&vrg=202311140101&ptt=17&impl=fif&iu_parts=21927187246%2C549946_ulifestyle.com.hk_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&didk=607409652&sfv=1-0-40&sc=1&cookie=ID%3Db12f086cbd9c9a5b%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_Ma5LJ4EXppmv8vKN5bgXngCFSVJ_A&gpic=UID%3D00000cd89a1582dd%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MZxhI6hlmJQ6TORaDTzuiPp8xUJsw&abxe=1&dt=1700709770916&lmt=1700709770&adxs=200&adys=43&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=0&ucis=u3xwd28qgjw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&ref=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&top=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=0x0&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=95362296.1700709770&ga_sid=1700709771&ga_hid=1761287496&ga_fc=true&dlt=1700709770735&idt=160&adks=2141471053&frm=23
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3eba1618e517859a3a40090fc5d76616f90ccdd2202f90b446ce9cea11a2ee8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43518
x-xss-protection
0
google-lineitem-id
5848930999
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138373742613
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
59362a77c0aa6d870809addf552816bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9292 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://59362a77c0aa6d870809addf552816bc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:50 GMT
expires
Fri, 22 Nov 2024 03:22:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9F11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssexKtj2y-bZ3c_gPmBBJaR7D3jZkp4iAFvEwA1Wc2wAYNE-4p5-wWaSKNVaiTudasFKH-rTHh_PH8kliLC-2-raZor0zlnnEneSMWmaKM2IZq2xcuyj4wXoTMu4-EWtc__FHWIVWm0XEbQNfmRp1-kjpK-xDzwqdrWwixclScqfLwQoO8rsELvyw_OowPDsalWUGAAnTR58GaxNf48AaVj0lyVeaQYB6i1zZ6qXn7wQTglgkQxvppUDmmuVqne4TYyPiBIJMuEacUpoPKOrXKIJ0X1QkrVAgS8ZmpkxZ7aPLwTGfxI9j5VcqkotBD7X-P4u0jKMIwcrJrt_1oFSDOC9MB2FuMzotWA1H_aM4sPu6WBbMs&sai=AMfl-YRtyHi0is4uO7w4EuDt6Q_MfRhEjTDZ6H0_2eA97rrvBswqP_syx9K_c_sN5FsFNVChZN9b3tvwIqN2oAd2T76bT4WjvIl-l0owaAnJKsaHPopDEv_r78_lhEjVWGs&sig=Cg0ArKJSzGk6L8Ctyjf1EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
check
rtbdemand.apiip.net/api/ 		243 B
438 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtbdemand.apiip.net/api/check?accessKey=7ef45bac-167a-4aa8-8c99-bc8a28f80bc5&fields=countryCode,regionCode,regionName,city,timeZone,countryName
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
134364b437a1aefa3b7d7a4ef36b295bedf271a1bca2a87524913e733256ec07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"f3-JBAMuuQbMEnsQdoChfrBxwLf29g"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cf-ray
82a64a457c9d03e0-FRA
alt-svc
h3=":443"; ma=86400
prebid-custom.js
rtbpass.andbeyond.media/ 		610 KB
189 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass.andbeyond.media/prebid-custom.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.195.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82e3d92275a73b7d10f1b1db5a8d1b372f9bef00af3116b07c64b355fbba6779

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
via
1.1 varnish
x-amz-request-id
WYY1Y74QFKAQVVSP
age
21
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
193175
x-amz-id-2
BMoQqLlhNRaPzefgaB97dLG+LwtwF9tP9Bd76orn2neNGrB0vs3+dFZVvNNeZ+c0Nb10bgtW418=
x-served-by
cache-fra-eddf8230056-FRA
last-modified
Tue, 14 Nov 2023 03:58:21 GMT
server
AmazonS3
x-timer
S1700709771.114066,VS0,VE1
etag
"cefe618333ba0d9574a2870431dd1593"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-cache-hits
1
apstag.js
c.amazon-adsystem.com/aax2/ 		267 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:39:23 GMT
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront), 1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
last-modified
Mon, 13 Nov 2023 20:18:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-P6
age
2609
x-amz-server-side-encryption
AES256
etag
W/"2d08dd94de483579c1dc3f3783c06f6e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
hOA05793rpbu_rqDLiAnd1U0cHtwj999_VF6D6DWi-_Q764jXyw60Q==
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:44:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
2312
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
impstats.php
prebid.andbeyond.media/ 		69 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/impstats.php?aff=550854&type=pv
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.215.0.207 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-0-207.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
8a97d1c31cbf9d25cbe029b6fdbf4b5da90076692e05cdfd9fe4c40d1325e69a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8
Connection
keep-alive
Content-Length
69
Content-Type
text/html; charset=UTF-8
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9F11 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:51 GMT
getStandardThemePageTitle
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=90
X-XSS-Protection
1; mode=block
Expires
0
getStandardThemePageTitle2
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle2
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=89
X-XSS-Protection
1; mode=block
Expires
0
getStandardThemePageTitle3
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle3
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=89
X-XSS-Protection
1; mode=block
Expires
0
getStandardThemePageTitle4
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle4
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:50 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=88
X-XSS-Protection
1; mode=block
Expires
0
getStandardThemePageTitle5
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle5
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:51 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=88
X-XSS-Protection
1; mode=block
Expires
0
getStandardThemePageTitle6
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle6
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:51 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=89
X-XSS-Protection
1; mode=block
Expires
0
getStandardThemePageTitle7
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle7
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:51 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=89
X-XSS-Protection
1; mode=block
Expires
0
getStandardThemePageTitle8
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle8
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:51 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=88
X-XSS-Protection
1; mode=block
Expires
0
getStandardThemePageTitle9
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle9
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:51 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=88
X-XSS-Protection
1; mode=block
Expires
0
getStandardThemePageTitle10
skypost.ulifestyle.com.hk/ 		2 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://skypost.ulifestyle.com.hk/getStandardThemePageTitle10
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:51 GMT
Strict-Transport-Security
max-age=0; includeSubDomains, max-age=0 ; includeSubDomains
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Transfer-Encoding
chunked
Content-Type
application/json;charset=UTF-8
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=87
X-XSS-Protection
1; mode=block
Expires
0
WhatsA_600_600_600_600_600.jpeg
resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/WhatsA_600_600_600_600_600.jpeg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-75.fra56.r.cloudfront.net
Software
/
Resource Hash
6d81b675349fb20e513851f5676ea7c44cdfc98a193d636323f32aba90e00201

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 06:49:17 GMT
x-amz-cf-pop
FRA56-C1
etag
"697a-5ebea6c653540"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
27002
x-amz-cf-id
0wsAl5ozLWY2N-ijCpRINlQe8WpjLqsap4_fqZntLbS7lgT1-6ghrA==
expires
Sat, 23 Dec 2023 03:22:51 GMT
1cc7813c-9376-4e23-ae9c-53f945b2b0bb_600.jpg
resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/1cc7813c-9376-4e23-ae9c-53f945b2b0bb_600.jpg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-75.fra56.r.cloudfront.net
Software
/
Resource Hash
e68caa042eb189685ee212820ee248d9b243e81a988c152ffed9771a81bea357

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:50 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 06:49:18 GMT
x-amz-cf-pop
FRA56-C1
etag
"f8f9-5ebea6c747780"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
63737
x-amz-cf-id
mUFn-eePyczzElIPPRoS2OnGMp5jnhf8tYSGRKI6qDg_fhky3_2pig==
expires
Sat, 23 Dec 2023 03:22:50 GMT
a2655cf7-d320-4c92-b5f3-594c9e8e0bd6_600.jpg
resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/a2655cf7-d320-4c92-b5f3-594c9e8e0bd6_600.jpg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-75.fra56.r.cloudfront.net
Software
/
Resource Hash
b1daecc7b0b9751a330e055cf22a23bb1d6889b303324c4a35ca0f688dcc1170

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 06:49:17 GMT
x-amz-cf-pop
FRA56-C1
etag
"9c53-5ebea6c653540"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
40019
x-amz-cf-id
Pz3WuMmwLwJmYR3x7YFqIIt5fauA-sVmm0E-4h6X4zmw10I1U23_0A==
expires
Sat, 23 Dec 2023 03:22:51 GMT
943f5033-1d2d-417f-bb9b-c60dec27e964_600.jpg
resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/943f5033-1d2d-417f-bb9b-c60dec27e964_600.jpg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-75.fra56.r.cloudfront.net
Software
/
Resource Hash
8a5ffa7018399654da2edd4b433c80a3b97d086deac04e285e6da64a6eb2ef50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 06:49:17 GMT
x-amz-cf-pop
FRA56-C1
etag
"d6d4-5ebea6c653540"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
54996
x-amz-cf-id
3KMTU-kx97YN6UnPbU4MhD55VldqewvnQ-3AkS_QJDtkEr7rtci7Xg==
expires
Sat, 23 Dec 2023 03:22:51 GMT
photoAlbum.png
skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/photoswipe/ 		191 B
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/css/photoswipe/photoAlbum.png
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.166 Kowloon, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
465ea8540e3d971cbde4003ae2bd35407799dfb45d756e58cb5ea199b76554eb
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Strict-Transport-Security
max-age=0; includeSubDomains
Last-Modified
Fri, 15 Sep 2023 15:56:29 GMT
ETag
"bf-60567d5eb4540"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=87
Content-Length
191
Expires
Sat, 23 Dec 2023 03:22:51 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		402 B
189 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=3093738799834703&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=183518426%2CSkyPost_WebRP5_Detail_Fixed02&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250&ifi=5&didk=3879677447&sfv=1-0-40&sc=1&cookie=ID%3Db12f086cbd9c9a5b%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_Ma5LJ4EXppmv8vKN5bgXngCFSVJ_A&gpic=UID%3D00000cd89a1582dd%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MZxhI6hlmJQ6TORaDTzuiPp8xUJsw&abxe=1&dt=1700709771127&lmt=1700709771&adxs=1088&adys=943&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmf81YrQ3OfDiZCuhmPyq53q1c87ct7lOah_ALl-af-SdJUY82syZySrBeyko-YyfPkfMVTWl-lg522iIJJHGOD4xQY%2CAOrYGsnQJW3wF4SiLTWVeRDpHSMiLyato5DgiRT1stqcZYypHTcISmFSjCMIPPKtTG7BaXLMCziJrFlx2Pl-upo&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&dlt=1700709768198&idt=2089&prev_scp=article_id%3D3384147%26section_id%3D503001001%26title%3D%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A%25EF%25BD%259CWWF%25E5%25A4%25A5%25E4%25B8%25AD%25E5%25A4%25A7%25E6%258B%25AF%25E6%2595%2591%25E7%258F%258A%25E7%2591%259A%25E7%25A2%258E%25E5%25A1%258A%25E6%2588%2590%25E5%258A%259F%2520%25E5%25BE%25A9%25E8%2582%25B2%25E5%25AD%2598%25E6%25B4%25BB%25E7%258E%2587%25E9%2581%259497.5%2525%26section%3D%25E6%2599%2582%25E4%25BA%258B%2C%25E8%25A6%2581%25E8%2581%259E%26environment%3Dprod%26formal_tag%3D%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E8%2587%25AA%25E7%2584%25B6%25E4%25BF%259D%25E8%2582%25B2%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E6%25B1%25A1%25E6%259F%2593%2C%25E6%25B5%25B7%25E6%25B4%258B%25E5%259E%2583%25E5%259C%25BE%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%25AD%25B8%25E6%25A0%25A1%2C%25E9%25A6%2599%25E6%25B8%25AF%25E4%25B8%25AD%25E6%2596%2587%25E5%25A4%25A7%25E5%25AD%25B8%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%258B%2595%25E7%2589%25A9%25E5%2593%2581%25E7%25A8%25AE%2C%25E7%258F%258A%25E7%2591%259A%26keyword%3D%25E7%258F%258A%25E7%2591%259A%2C%25E6%25B5%25B7%25E6%25B4%258B%2CWWF%2C%25E4%25B8%25AD%25E5%25A4%25A7%2C%25E7%2594%259F%25E7%2589%25A9%2C%25E5%2585%25AC%25E5%259C%2592%2C%25E7%25A2%258E%25E5%25A1%258A%2C%25E5%25B8%2582%25E6%25B0%2591%2C%25E4%25B8%25AD%25E5%25BF%2583%2C%25E7%2595%25B6%25E5%25B1%2580%2C%25E8%2587%25AA%25E7%2584%25B6%2C%25E7%25A7%2591%25E5%25AD%25B8%2C%25E5%25AD%25B8%25E9%2599%25A2%2C%25E9%25A6%2599%25E6%25B8%25AF%2C%25E5%2585%25AC%25E6%25B0%2591%2C%25E8%25A8%2588%25E5%258A%2583%2C%25E7%25A7%2591%25E5%25AD%25B8%25E5%25AE%25B6%2C%25E6%2583%2585%25E6%25B3%2581%2C%25E6%25B4%25BB%25E5%258B%2595%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%2C%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25AE%25A3%25E5%2582%25B3%2C%25E6%25B0%2591%25E9%2596%2593%2C%25E5%2588%2586%25E6%259C%2583%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25B4%2594%25E4%25BD%25A9%25E6%2580%25A1%2C%25E5%259C%25B0%25E9%25BB%259E%2C%25E7%2594%259F%25E6%2585%258B%2C%25E4%25BF%259D%25E8%2582%25B2%25E5%258D%2580%2C%25E5%259C%2598%25E9%259A%258A&adks=2615130759&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
567a4b8851b5e75837cffcc8761e804b601aca1f655bbe88394ca9e4e00e1562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
159
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		402 B
188 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=3093738799834703&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=183518426%2CSkyPost_WebRP5_Detail_Fixed03&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x160%7C970x90%7C728x90&ifi=6&didk=3879686734&sfv=1-0-40&sc=1&cookie=ID%3Db12f086cbd9c9a5b%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_Ma5LJ4EXppmv8vKN5bgXngCFSVJ_A&gpic=UID%3D00000cd89a1582dd%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MZxhI6hlmJQ6TORaDTzuiPp8xUJsw&abxe=1&dt=1700709771131&lmt=1700709771&adxs=200&adys=2319&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGsmf81YrQ3OfDiZCuhmPyq53q1c87ct7lOah_ALl-af-SdJUY82syZySrBeyko-YyfPkfMVTWl-lg522iIJJHGOD4xQY%2CAOrYGsnQJW3wF4SiLTWVeRDpHSMiLyato5DgiRT1stqcZYypHTcISmFSjCMIPPKtTG7BaXLMCziJrFlx2Pl-upo&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&dlt=1700709768198&idt=2089&prev_scp=article_id%3D3384147%26section_id%3D503001001%26title%3D%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A%25EF%25BD%259CWWF%25E5%25A4%25A5%25E4%25B8%25AD%25E5%25A4%25A7%25E6%258B%25AF%25E6%2595%2591%25E7%258F%258A%25E7%2591%259A%25E7%25A2%258E%25E5%25A1%258A%25E6%2588%2590%25E5%258A%259F%2520%25E5%25BE%25A9%25E8%2582%25B2%25E5%25AD%2598%25E6%25B4%25BB%25E7%258E%2587%25E9%2581%259497.5%2525%26section%3D%25E6%2599%2582%25E4%25BA%258B%2C%25E8%25A6%2581%25E8%2581%259E%26environment%3Dprod%26formal_tag%3D%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E7%2592%25B0%25E4%25BF%259D%25E6%258E%25AA%25E6%2596%25BD%2C%25E8%2587%25AA%25E7%2584%25B6%25E4%25BF%259D%25E8%2582%25B2%2C%25E7%2592%25B0%25E4%25BF%259D%2C%25E6%25B1%25A1%25E6%259F%2593%2C%25E6%25B5%25B7%25E6%25B4%258B%25E5%259E%2583%25E5%259C%25BE%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%25AD%25B8%25E6%25A0%25A1%2C%25E9%25A6%2599%25E6%25B8%25AF%25E4%25B8%25AD%25E6%2596%2587%25E5%25A4%25A7%25E5%25AD%25B8%2C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%2C%25E5%258B%2595%25E7%2589%25A9%25E5%2593%2581%25E7%25A8%25AE%2C%25E7%258F%258A%25E7%2591%259A%26keyword%3D%25E7%258F%258A%25E7%2591%259A%2C%25E6%25B5%25B7%25E6%25B4%258B%2CWWF%2C%25E4%25B8%25AD%25E5%25A4%25A7%2C%25E7%2594%259F%25E7%2589%25A9%2C%25E5%2585%25AC%25E5%259C%2592%2C%25E7%25A2%258E%25E5%25A1%258A%2C%25E5%25B8%2582%25E6%25B0%2591%2C%25E4%25B8%25AD%25E5%25BF%2583%2C%25E7%2595%25B6%25E5%25B1%2580%2C%25E8%2587%25AA%25E7%2584%25B6%2C%25E7%25A7%2591%25E5%25AD%25B8%2C%25E5%25AD%25B8%25E9%2599%25A2%2C%25E9%25A6%2599%25E6%25B8%25AF%2C%25E5%2585%25AC%25E6%25B0%2591%2C%25E8%25A8%2588%25E5%258A%2583%2C%25E7%25A7%2591%25E5%25AD%25B8%25E5%25AE%25B6%2C%25E6%2583%2585%25E6%25B3%2581%2C%25E6%25B4%25BB%25E5%258B%2595%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%2C%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25AE%25A3%25E5%2582%25B3%2C%25E6%25B0%2591%25E9%2596%2593%2C%25E5%2588%2586%25E6%259C%2583%2C%25E6%25B5%25B7%25E4%25B8%258B%25E7%2581%25A3%25E6%25B5%25B7%25E5%25B2%25B8%2C%25E5%25B4%2594%25E4%25BD%25A9%25E6%2580%25A1%2C%25E5%259C%25B0%25E9%25BB%259E%2C%25E7%2594%259F%25E6%2585%258B%2C%25E4%25BF%259D%25E8%2582%25B2%25E5%258D%2580%2C%25E5%259C%2598%25E9%259A%258A&adks=1347792127&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a796397d457dfba0f0ba74e2ea9c974dcf4afcc5dc6833236fe5a806d3e35bd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
158
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/login/ Frame 507E
Redirect Chain
  • https://www.facebook.com/v8.0/plugins/page.php?adapt_container_width=false&app_id=426305604100813&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df31...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D426305604100813%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D426305604100813%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31efd63895b2f8%2526domain%253Dskypost.ulifestyle.com.hk%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fskypost.ulifestyle.com.hk%25252Ff7ed60b65cfc04%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FSkyposthk%252F%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=3317b735c7f0a6779b8bd7a23135d36c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 23 Nov 2023 03:22:51 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints
default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
/ODt/Mo3ep0YxHD1xi5/iz11VOYmHGuKlNx5OBv50pLj5iUPMoveVVkXqOaNmFmlpThVKPnOXPpRchFvXeG7Eg==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:51 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v12.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D426305604100813%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df31efd63895b2f8%2526domain%253Dskypost.ulifestyle.com.hk%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fskypost.ulifestyle.com.hk%25252Ff7ed60b65cfc04%2526relation%253Dparent.parent%26container_width%3D300%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FSkyposthk%252F%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26width%3D300
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma
no-cache
reporting-endpoints
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
TJJXqfqW44mNRJmgVKaBcMkZULHEqPogQtrdGCl3j/7YW5eLJNsjrJXr9AvAzyRwgMKPZjoFHtsZVEWcRO8jjw==
x-xss-protection
0
id.do
viselb01.hket.com/ajax/get/ 		46 B
673 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viselb01.hket.com/ajax/get/id.do
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/store/prod/iskypost/res/assets/js/photoswipe/jquery1.11.3.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-106.fra56.r.cloudfront.net
Software
/
Resource Hash
0964abb17f49c813923e9a3f0f18523d79d83a8ea3e1e29f07b3c3e2d5fc8ffa

Request headers

Accept
*/*
Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
via
1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
origin
https://skypost.ulifestyle.com.hk
x-amz-cf-pop
FRA56-P5
x-amzn-requestid
5a726795-4bfe-45e8-8263-2976041d6834
x-amzn-trace-id
Root=1-655ec58b-3d4c1e4245726807654d48d0;Sampled=0;lineage=488119f8:0
access-control-allow-methods
OPTIONS,POST,GET
content-type
text/html
access-control-allow-origin
https://skypost.ulifestyle.com.hk
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
O1PN4EVIHUYELjw=
content-length
46
x-amz-cf-id
z916GKD2DsDmkXypvpErqC1BgCBfZMQ5XbLYYH6SW46ADsPZmVhssg==
access-control-allow-headers
*
view
securepubads.g.doubleclick.net/pcs/ Frame 9F11 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4Uso9xmHV1KE2YhLj-uKJw-S2OoVd-_jPP1LoeAdm74BAsBFpzuT9niL2W2IgP2gP9hO1limWCi22sT9iwJqvtDBXVvNKHsbmLi_-zd98SpaKNSu4gC3om1ovH92DUb-U-VVdWsKdU1IO8HOde_D9cR2j0rgR6B7kA8vyiLaZyCcsSWeff52ky8UOhOpetvYweA-TahCkreWPVLhmq3_soMQIxM8X954BwiD7HTix7udDBuO1QQdbQHBiQJeO2khfUrTh_7Hlfasc6JmekOBlvraXvNuzV3jxrTAQWWbfsUUiASyMnqS-JAw_KXkR1dTMMaMLiMSEICGhEOCHn9qFkhEev6frNgUD2e7ZF-RAw1_T6HSk_Q&sai=AMfl-YQaZmTDZDgRBcWsF-piAMmDKVMOLWbnxslKpGLpWpGPd2D49RIfADJCMthUO-fqSb55DBvWnMV9f-rm1lXbAjMzKKY0L3FCjKV6kh5MjowPhDoxKi2UmYeXbgFQh4A&sig=Cg0ArKJSzJvmJQCDRHiHEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 03:22:51 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame A3E0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssXUFfFAerFGk64qR55ZHYR3D3tPYrBvwI8RthWISJKDupTx2vgenVWbfLb4vFmPlUv_0HbI6kshD9ONfeTnyDlmnlmfJwpYBwn2IXB9rFiVftCKEra-MclYQvxW1v_iNmlnern_2flBNyFQX-KayBONsdN9hvuFfVrNZ-aG5kS4g_AuBptiJsiCvuDg0Zt0RXk2nIwXVIRmV85FCCoIL9LNIMZ9gtZnrZupEHRb5ensoXF7wfrX-6mZdI1u4EKFVFitTRhl_oF-uxVinoZIsbzJ5JrYY4kBDRE85N_wzFsznosZwFju7Jt5bMTTrYyL9qFmj5ud3nfp3wUT_jeznxQAu_DpxJ5-wHBT3GC8mF2&sai=AMfl-YRyx8ENbXv15ZydoSnyudt_KsOK9XJCNSfh0lhEmWqNL2YFVY1Qod61bPCGMaSfaVDbVzv8x3RPiy-pd0YWnFRE2U7FEibrnum67JX7V7Coirg4BFSoePJBhY3HCT0&sig=Cg0ArKJSzLKB2dvk8OO5EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 03:22:51 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A3E0 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311140101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
84547a6105692fea5837b1651f6b179964ffe8343bebcc25361b0a6fa2e8e74a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12447
x-xss-protection
0
grumi-ip.js
rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-amz-version-id
l7ea6iGto_siO4fa78g9aEIvCOgaNgnk
content-encoding
br
last-modified
Sat, 30 Sep 2023 14:56:13 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"4c4f4bf824d2aa120a5e0b665b4c9828"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
public, max-age=14400, stale-while-revalidate=14400, immutable
x-amz-cf-id
CCoJwiKZDgoJkQ1Qx2JTfL3BqVWSFdEoQ9T6LbXEeoLwnLam8tT3jA==
cd6cddc5-4dca-4d77-9a65-8b894400e772
config.aps.amazon-adsystem.com/configs/ 		537 B
811 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 02:23:02 GMT
via
1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
3589
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
BD1Ye72RUAK7f0qN2O5HGzK2Vl2eB4VZzEin-m7obppy486Sf3tYFQ==
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fskypost.ulifestyle.com.hk&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 00:38:03 GMT
via
1.1 3a4987afa567e120a2fa0d82969d4c0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
age
9888
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2196
x-amz-cf-id
CV5TtlcY_d168fh-cIOAugOsQGNkaVm8MqqPml385bXx7E7Ot9gJ_A==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.1.25 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-1-25.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
date
Wed, 22 Nov 2023 06:24:26 GMT
x-amz-cf-pop
FRA56-P6
age
75506
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
YBMF_HJv-YCFlSZq0O9UaOcwtIIeQe247qzS3LTRxHWyPqSr-6kfPg==
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:2e00:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Wed, 22 Nov 2023 05:59:19 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
77012
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
-An8bJwSX8lF0J6RF_gWU96Oi2HnU0rX4DhzpRRzmkmBcZeVLf50ng==
grumi.js
rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/ 		218 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
871ca577af93c4d834f8b2994a59ba092b267b5b5a1ed3f62598be4c010dee1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:20 GMT
x-amz-version-id
PPUsbnOFOz0w173jUyxKcyjfOa4niqGt
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:43 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"13ed0fce3b06b930a61ca71902ee1d79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
32
x-amz-cf-id
WkmktymaZZ36Cuxfii3c876dNCqvZhSNa2XblprRFalFa7jh328-Yg==
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.78.67 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-78-67.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Thu, 23 Nov 2023 03:37:51 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-104.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 06:08:51 GMT
content-encoding
gzip
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified
Wed, 06 Sep 2023 15:56:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
76441
x-amz-server-side-encryption
AES256
etag
W/"6e8b1f94eaf615b7d0953ad4e8d8bb85"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
LWWJYcYxVYx3MdRnyb_ow2lmxpz9W8VPoeaK7hbFByIq0n9CzdMp9g==
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&ref=&_it=amazon&partner_id=632
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:34ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907JHMEEKQ08DSV2
age
2182
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
82a64a46aab79b5e-FRA
x-amz-id-2
oJpPJCbEID7z1zM9kIxlsqSbq8xeH5HC5gS4xpeHur3SW4yHO8BbtAlQwktjkw9El2h2R0B/Pt0=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		155 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 22 Nov 2023 08:19:05 GMT
server
cloudflare
x-amz-request-id
RGCG975APC3X73FS
age
2955
etag
W/"7e3d98894def0807c1c46e98e575ca88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
82a64a468a292c3e-FRA
x-amz-id-2
IX4VO78y36u0zsHk+gPY3mMWg3xRIkMFH51pMbpCXa2+1Gw4IDJuR8eELOzTxE8LEHSwvvxfjI7LP/6lYSkaqQ==
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A3E0 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311140101/pubads_impl.js?cb=31079695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:22:51 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
340 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.81.28 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-81-28.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
d5e9cf649cab38d3eb06bb8d698d63b7ba5f21ce4522ad15aacc1e4c00cc62ca

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache
x-server
10.45.7.50
access-control-allow-credentials
true
content-length
60
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 622B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
39172
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 16:29:59 GMT
expires
Thu, 21 Nov 2024 16:29:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2D4C 		829 B
561 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
171b8a155daf4a0a555e47444a8fa64d018040a3af097fb9dd9e23b7d591cc2b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lDmjRVh4xnW_N6RwYKPu7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-lDmjRVh4xnW_N6RwYKPu7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:51 GMT
expires
Thu, 23 Nov 2023 03:22:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
hadron.json
id.hadron.ad.gt/v1/ 		102 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=skypost.ulifestyle.com.hk&url=https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d01e3942c44e6e1ac35484c39053cf5b434f8b0c4f4d2a9cd88181ee742a93

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
82a64a47ae631ca3-FRA
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=632&sync=0&domain=skypost.ulifestyle.com.hk&url=https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://skypost.ulifestyle.com.hk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
82a64a470e141ca3-FRA
content-length
0
content-type
application/json
date
Thu, 23 Nov 2023 03:22:51 GMT
debug
OPTIONS block
expires
Fri, 22 Nov 2024 03:22:51 GMT
server
cloudflare
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 622B 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
100883
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2D4C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311140101&jk=1951133771090687&rc=
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&pid=ERiORgkuqC9LQ&cb=0&ws=1600x1200&v=23.1108.2350&t=3500&slots=%5B%7B%22sd%22%3A%22andbeyond9701%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21751243814%2C183518426%2F212365-970-90-1%22%7D%5D&schain=1.0%2C1!andbeyond.media%2C11406%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
7ADWBHZ5R6S4P219TE6X
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
zuS_8pbACclWmCXiFtLiEZmX_fFZ0qYD_fx7n_I5HdYNSKP13ERFPQ==
localstore.js
script.4dex.io/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Mon, 06 Nov 2023 14:13:09 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
766567
ETag
W/"e90435520cec1363a82b67d8298d79a8"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x7JTTlLMVmz45i2Hq3Zn7%2BjPxPplY0sKMr3%2FDOsZV7mDHmfF1kPJf6j6zRvb9WWUmH%2F7Zt4vjB7G1UN8%2FLBRPnwGKuIeVn584Pmx4O51iLmVlqKcBEFse5eXiuPZ9mNiyf5AX6xJbEXl3L8p"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
82a64a47cbc14d38-FRA
/
prebid.smilewanted.com/ 		0
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82a64a47e9dd65b0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
server
envoy
vary
origin, Accept-Encoding
/
ghb.adtelligent.com/v2/auction/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ee1eeb344d406067fa6041e23d522bd188eb3c24229006b4cda83797ff7fceb7

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1242
v1
prg-apac.smartadserver.com/prebid/ 		171 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
480 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 23 Nov 2023 03:22:51 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: andbeyond9701
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82a64a47ffa7363e-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		378 B
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=407386&zone_id=2284406&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!andbeyond.media,11406,1,,,&eid_pubcid.org=44601fed-0484-4e06-81c4-7b85af44d44d%5E1&rf=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tg_i.domain=skypost.ulifestyle.com.hk&tg_i.page=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tk_flint=rtbpbjs_lite_v7.54.5&x_source.tid=20cf735e-2f44-469e-9797-2ee40b8217de&l_pb_bid_id=1233edb6f43c76d&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=20cf735e-2f44-469e-9797-2ee40b8217de&rp_maxbids=1&slots=1&rand=0.4501976006874786
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b1311b082b4aea926da094ddd2685db21e91124f0aa059967253f716067393b9

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
378
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3824ff763de92e188d1ed35a8dacb6ff87177a7fc4c5aeb1beb873ad697c51a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
an-x-request-uuid
5c4922a5-dc13-43d4-97ac-52166a70dc1b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7e209423d67d7aca5b1cdfb262ae43ba4ed5c044a3cad2c578a7ef03915eef28
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
an-x-request-uuid
a2d79594-af06-42a8-8a88-90b5db768326
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
897 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		0
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=75288699235&lsavail=1&bundle=bXmsI19WJTJGOEVKc1hQZVRxSHRYNEFDWUJQS2hsa1owQmc4ViUyQllaWmhRUUVlU2cxNGs0MU0wUGJkWkNTV3pvS05VaEM0ME13dkkxZVN0YjRJSUQ4WHhEbUZiZFlFVG9aeExYN09SamZRWmJBdlZXdm1sSzFTa1RlUEFXeFBYMVRpVCUyRmwzTXJEOWh5OTUlMkZLTVZCJTJGU0dPcUUyQk1GSks3TlpKTTVSRlI2UHJtUDIlMkJmcTQlM0Q
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:51 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		24 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
7efc28fcaef9caed6747a43bb0c2ffdb48645c989190f443b37330fff85dd08f

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
8d446f31f0d0cf042915c362bb6104ce3dad68c2c6b2d229afb609e9bb52ac23

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:51 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
prebid
prebid.media.net/rtb/ 		338 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
ae6e1907b40fb8c0202e2d1cc00c53c3eaa391577691a86858e81cba2360a5ec

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 03:22:51 GMT
header
hb.aralego.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-D23E2BEE44B68B320DD32DD8D7BAA677&tdid=&schain=&eids=&pubcid=44601fed-0484-4e06-81c4-7b85af44d44d&u=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&host=skypost.ulifestyle.com.hk&ucfUid=25d79635-eb14-494a-b0f1-d2c0b49dffa2&w=970&h=90
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Date
Thu, 23 Nov 2023 03:22:51 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid-request
onetag-sys.com/ 		15 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		24 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.246.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-246-226.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ed98a9fd70610c22cdd4a6da17ff6dfb02c695950cba255336333ae5d8973825

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bid-request
rtb.adpone.com/ 		783 B
928 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=12272312193086
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4355bd391f06e884efb380a5897adb6927b0cd84dc1096719f5c553b0ddcb88b

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EGunnCVZzicXdV3VfinThQLwh5KeWq3lj5CmGeWgqTC9%2B35kooH1gBi2xWNQUVi6XbHj9RLhhq32Jir2Si%2FcD5RKxJTFWyjlXPIh2DM%2FnzT2ubWyXjTRk4bmN9mSHc61HKOYpZh7P3MpKzHh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
cf-ray
82a64a481de571a9-FRA
prebid
ib.adnxs.com/ut/v3/ 		23 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
36d67cab17e2369e83e4b4fa172034fe367c8ce161938c54117d0049292997b8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
an-x-request-uuid
75e9c6b1-bbff-465e-a0e4-97f8bd9fc99a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
script.js
cadmus.script.ac/dahhc4ozyvjm6/ 		129 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1691 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85a704d0c88181ee8e32180ece55d67ae133ec87ac25949203e9fc9421628c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
last-modified
Wed, 22 Nov 2023 15:55:43 GMT
server
cloudflare
age
0
etag
W/"b29d559e9fda45b87d0aa3bb1aaab1c6b348d37f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
82a64a484c873636-FRA
adagio.js
script.4dex.io/ 		77 KB
24 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
1121729
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Mon, 06 Nov 2023 14:13:08 GMT
Server
cloudflare
ETag
W/"ccc354615ffb5b4afd96268bab4a6502"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TqFXCD%2BIASWq4wtNJCac28MEZe2LLs77y2xffF0VT%2Fd7zCGckaO39HihI1SKo3fbntJK9FR4031qJEUDBVvkSO0ra9tQK17zF0tGSZmFK7%2FOh1OobCNCyQjE5qhCtbF5y3dBxawk4bIanz0G"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
82a64a482c781c20-FRA
generate_204
tpc.googlesyndication.com/ Frame 622B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CL7_Gw
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
632
a.ad.gt/api/v1/u/matches/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/632?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&ref=&_it=amazon&partner_id=632
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:545 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2603db612734d1b3e45ac63a591710f57a02fe3319bd3ca88d318fb2de9beca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 23 Nov 2023 03:20:51 GMT
server
cloudflare
age
120
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
82a64a48784b9b74-FRA
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://skypost.ulifestyle.com.hk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Thu, 23 Nov 2023 03:22:51 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dahhc4ozyvjm6/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
grumi.js
rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/ 		596 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f7a97ee90e3bf0d416db4ef3985282a52d6b13b41d8b0d89a22f4baef188198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-amz-version-id
0JQDHGo3POVU8V3JnG0OKnZc_UxWgL_n
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:37 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"9c5082ded7990ce8b1325b69f7892c1a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
JP3BWe0TsS9MnRPD0IWsN1veVs2xzScs2W6kyHeIbBUChYdyKbD7GQ==
1027OG-M07_1024.jpg
resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/ 		269 KB
269 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://resource01-proxy.ulifestyle.com.hk/res/v3/image/content/3380000/3384147/1027OG-M07_1024.jpg
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-75.fra56.r.cloudfront.net
Software
/
Resource Hash
6f69db702fbdeba145dd2c840f15e8d9faa96cbdb154ca40d52272d7b42cb4e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:49 GMT
via
1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
last-modified
Wed, 26 Oct 2022 08:15:46 GMT
x-amz-cf-pop
FRA56-C1
age
1
etag
"432e5-5ebeba1af1080"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
275173
x-amz-cf-id
rtf2RTbKhohlV8H5LKihKVorFeAeUBouh1Z67ltjMsYST-Vk7oVOuQ==
expires
Sat, 23 Dec 2023 03:22:49 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&pid=ERiORgkuqC9LQ&cb=1&ws=1600x1200&v=23.1108.2350&t=3500&slots=%5B%7B%22sd%22%3A%22andbeyond3001%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21751243814%2C183518426%2F212365-300-250-1%22%7D%5D&schain=1.0%2C1!andbeyond.media%2C11406%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
ACPFEJ60K0FDZE7KZ7N1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Xgb6bel38kfYHlqE2JO-wRRBNyz3MlmdNvXWHe4J_OmhnpAeY1iIng==
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82a64a494a8165b0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
232 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:50 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
server
envoy
vary
origin, Accept-Encoding
bid-request
a.teads.tv/hb/ 		16 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 23 Nov 2023 03:22:51 GMT
/
ghb1.adtelligent.com/v2/auction/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
d75ac38662a824dec53df44ffdc6ff0449331959e68161e1145a3d6c0f544ce2

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1254
v1
prg-apac.smartadserver.com/prebid/ 		171 B
572 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 23 Nov 2023 03:22:51 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond3001
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82a64a494872363e-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		378 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=407386&zone_id=2284398&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11406,1,,,&eid_pubcid.org=44601fed-0484-4e06-81c4-7b85af44d44d%5E1&rf=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tg_i.domain=skypost.ulifestyle.com.hk&tg_i.page=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tk_flint=rtbpbjs_lite_v7.54.5&x_source.tid=cd24a1f6-d206-49ed-a145-59bf298653b6&l_pb_bid_id=600395cbdd5ca7f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=cd24a1f6-d206-49ed-a145-59bf298653b6&rp_maxbids=1&slots=1&rand=0.6735536710184336
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
2c1627bb9a605508d14cf51ebecee8952541cf1449a9d3f1b36caac1a16af641

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
378
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
542f3942e813d1ceb95e66669082a2242e16f5bb79d3cbaf7d9225c8dbeb69c4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
an-x-request-uuid
84296efa-db7c-4512-8651-b384757c5ea0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
920a235b5d9a35945fd350f7e15b099376bfe989b25b8fd994d6a21800332c49
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
an-x-request-uuid
f19f2402-83a3-4d4b-8883-1684c2b83b2e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
898 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=46597046725&lsavail=1&bundle=bXmsI19WJTJGOEVKc1hQZVRxSHRYNEFDWUJQS2hsa1owQmc4ViUyQllaWmhRUUVlU2cxNGs0MU0wUGJkWkNTV3pvS05VaEM0ME13dkkxZVN0YjRJSUQ4WHhEbUZiZFlFVG9aeExYN09SamZRWmJBdlZXdm1sSzFTa1RlUEFXeFBYMVRpVCUyRmwzTXJEOWh5OTUlMkZLTVZCJTJGU0dPcUUyQk1GSks3TlpKTTVSRlI2UHJtUDIlMkJmcTQlM0Q
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:51 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		24 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
c41dda83d3d2bb2daf3ef795cb9de8f40a77314351a45fee41b9426762511fe9

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
814e5ac4790a94009e57962b967630e797288b10c22a99b5007152922c62bada

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:51 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
prebid
prebid.media.net/rtb/ 		338 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
f986725e5e85fbc6951ae5313acb970aca6a369dcf031d38d0d7a93cb9c73b97

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 03:22:51 GMT
header
hb.aralego.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A2EA6EA749DB4B8CB23D92A3726E94D&tdid=&schain=&eids=&pubcid=44601fed-0484-4e06-81c4-7b85af44d44d&u=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&host=skypost.ulifestyle.com.hk&ucfUid=25d79635-eb14-494a-b0f1-d2c0b49dffa2&w=300&h=250
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Date
Thu, 23 Nov 2023 03:22:51 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid-request
onetag-sys.com/ 		15 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		24 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.246.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-246-226.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
991b917b4aba06237bd7131dfbb029798c98fd4241cf366a91914f911a669075

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bid-request
rtb.adpone.com/ 		816 B
738 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=122723121915259
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63c910a82d2153ab1072197d4d1ec4803534509f18601b7eaf96cd363736ca9c

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=25wBo7eRl%2B6o8qakX2AHqT1Jkoiq5OPQKWDX7vSe%2BT4fxHbfIEJHdLd2gK1i4FI32PWdXoRiBCxUDP3JIeIS%2FY6EDo%2BPFLSHH8slSZaqm8eb5QezoYAio7zryS5DlIE6vhCet4RoOULko8pf"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
cf-ray
82a64a495e8f71a9-FRA
prebid
ib.adnxs.com/ut/v3/ 		145 B
971 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
bbe846e8f5d97eea93082f92a464b92e784a9184cbd9c968b3b6632778068d4b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
an-x-request-uuid
be25f17e-f2a2-447b-9cf5-a07da7940802
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
145
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
matomo.php
dw.hketgroup.com/analysis01/ 		0
174 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://dw.hketgroup.com/analysis01/matomo.php?action_name=%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A%EF%BD%9CWWF%E5%A4%A5%E4%B8%AD%E5%A4%A7%E6%8B%AF%E6%95%91%E7%8F%8A%E7%91%9A%E7%A2%8E%E5%A1%8A%E6%88%90%E5%8A%9F%20%E5%BE%A9%E8%82%B2%E5%AD%98%E6%B4%BB%E7%8E%87%E9%81%9497.5%25%20-%20%E6%99%B4%E5%A0%B1%20-%20%E6%99%82%E4%BA%8B%20-%20%E8%A6%81%E8%81%9E%20-%20D221026&idsite=3&rec=1&r=973125&h=4&m=22&s=51&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&_id=6a8dea4e2c47d8ed&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&dimension1=&pv_id=Kfpq8D&pf_net=591&pf_srv=678&pf_tfr=192&pf_dm1=2904&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: dw.hketgroup.com
URL: https://dw.hketgroup.com/analysis01/matomo.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.163.169.164 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-163-169-164.ap-east-1.compute.amazonaws.com
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.33 / PHP/7.4.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:52 GMT
access-control-allow-credentials
true
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.33
x-powered-by
PHP/7.4.33
q
p.adlooxtracking.com/ 		112 B
90 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&s=%2F183518426%2FSkyPost_WebRP5_Detail_Special%09div-gpt-ad-1520909829098-4&s=%2F183518426%2FSkyPost_WebRP5_Detail_Fixed01%09div-gpt-ad-1520909829098-1-1&s=%2F183518426%2FSkyPost_WebRP5_Detail_Fixed02%09div-gpt-ad-1520909829098-2-1&s=%2F183518426%2FSkyPost_WebRP5_Detail_Fixed03%09div-gpt-ad-1520909829098-3-1&s=%2F183518426%2FSkyPost_WebRP5_Details_LightboxTop%09lightboxdfp&s=%2F183518426%2FSkyPost_WebRP5_Detail_LightboxFlip%09gallerydfp&s=%2F183518426%2FSkyPost_WebRP5_Refresh%09webRPRefresh&s=%2F21751243814%2C183518426%2F222913-970-90-1%09andbeyond9701&s=%2F21751243814%2C183518426%2F222913-300-250-1%09andbeyond3001
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
404be4aca6eccc834ab17055a0b98cf1bcfedc54cdb385cf021793641f5afe59
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-adloox-pubint-version
20231123013001
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
178.162.209.133
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
5ee398e7e-dirty
server-timing
conn;dur=0.005, ua;dur=0.022, segment_pipeline;dur=0.237, segment_ip;dur=0.006, segment_iab-valid;dur=0.012, segment_iab-spider;dur=0.875, segment_bs;dur=0.005, segment;dur=1.297
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=3120156837476110&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=21751243814%3A183518426%2C222913-970-90-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90&fluid=height&ifi=7&didk=4118590880&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd99d1b6563fc9bfc%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MYDU_TML-Ek6t8eK8e6Boe8HJL4LQ&gpic=UID%3D00000cd89979a03b%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MaarDuukHbRQr1v6TQrHobzRdUQBg&abxe=1&dt=1700709771997&lmt=1700709771&adxs=200&adys=2505&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1600&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0MjO0b8xSABSAghkEhkKCnB1YmNpZC5vcmcY-MjO0b8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM_IztG_MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSalJ1TjB3M05URlRTbUZ0YVZweFYwbzNjbmd4VVQwOUluMD0YtcvO0b8xSAASGQoKdWlkYXBpLmNvbRjQyM7RvzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNjJztG_MUgAUgIIag..&dlt=1700709768198&idt=2089&prev_scp=adunit%3Ddiv-gpt-ad-1520909829098-3-1%26prebidtrue%3D0%26hb_width%3D970%26hb_height%3D90%26active%3D1%26andbeyondhijack%3D0%26andbeyondunfilled%3D1%26visible%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1%26hb_format_adtelligen%3Damp%26hb_size_adtelligent%3D728x90%26hb_pb_adtelligent%3D0.06%26hb_adid_adtelligent%3D89ef46f2b35e563%26hb_bidder_adtelligen%3Dadtelligent%26hb_format_projectago%3Damp%26hb_size_projectagora%3D728x90%26hb_pb_projectagora%3D0.18%26hb_adid_projectagora%3D4533cb514c47469%26hb_bidder_projectago%3Dprojectagora%26hb_format_abmxandr%3Damp%26hb_size_abmxandr%3D728x90%26hb_pb_abmxandr%3D0.04%26hb_adid_abmxandr%3D43f4841df549c2b%26hb_bidder_abmxandr%3Dabmxandr%26hb_format_oftmedia%3Damp%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.03%26hb_adid_oftmedia%3D41159fa331a147b%26hb_bidder_oftmedia%3Doftmedia%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D0x0%26hb_pb_adpone%3D0.05%26hb_adid_adpone%3D4008666a9ff0d3f%26hb_bidder_adpone%3Dadpone%26hb_size%3D728x90%26hb_format%3Damp%26hb_pb%3D0.18%26rtb_pb%3D0.18%26hb_adid%3D4533cb514c47469%26hb_bidder%3Dprojectagora&cust_params=adl_ip%3Dadloox-dc%26adl_ok%3D1&adks=1043724034&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b09771fabe52bf60b39f7d8fca97f19fac900951bfffdaad1e7ace151fa82482
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12993
x-xss-protection
0
google-lineitem-id
5017564534
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138265691417
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
prebid.smilewanted.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82a64a4bbb8a65b0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:51 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
server
envoy
vary
origin, Accept-Encoding
bid-request
a.teads.tv/hb/ 		16 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 23 Nov 2023 03:22:52 GMT
/
ghb2.adtelligent.com/v2/auction/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb2.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
ebba50e2ef23dabbf49374fef663c02de4428fd7d2b5fc16f99c5f6f71669135

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:51 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1258
v1
prg-apac.smartadserver.com/prebid/ 		171 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 23 Nov 2023 03:22:52 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond30015
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82a64a4bca16363e-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		378 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=407386&zone_id=2284398&size_id=15&alt_size_ids=13%2C13%2C14&rp_schain=1.0,1!andbeyond.media,11406,1,,,&eid_pubcid.org=44601fed-0484-4e06-81c4-7b85af44d44d%5E1&rf=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tg_i.domain=skypost.ulifestyle.com.hk&tg_i.page=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tk_flint=rtbpbjs_lite_v7.54.5&x_source.tid=7efdb616-e4bf-4fde-ad77-f7b7a6ad957c&l_pb_bid_id=110eb9476b09232&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=7efdb616-e4bf-4fde-ad77-f7b7a6ad957c&rp_maxbids=1&slots=1&rand=0.14409219752241054
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
b5a81c61d16220db2e7a15044715f1a2b9aad4cb449ce6c7d0674d93dafe3eb6

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
378
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7bd3b7fa97bb7735ef19c9a9ba9f8a64dc3f580f79ea69151e970c79f6945924
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
an-x-request-uuid
8ccf4ad6-bef5-498c-aa8b-cb61f64bff7a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:51 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
6cedae426a644c22aecb56ceada2f2abfbe8252d105bde348f9821b0c9b3aeda
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
an-x-request-uuid
cc9d132b-eaad-41ef-99a8-17b48d6e8b1e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
eb15de27a65d5dc8f363dd918e3fec8e621f50d84686fb2900d3c438808b92f8
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
an-x-request-uuid
1996f367-7a08-4383-9973-6028ec16c017
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=36510594458&lsavail=1&bundle=bXmsI19WJTJGOEVKc1hQZVRxSHRYNEFDWUJQS2hsa1owQmc4ViUyQllaWmhRUUVlU2cxNGs0MU0wUGJkWkNTV3pvS05VaEM0ME13dkkxZVN0YjRJSUQ4WHhEbUZiZFlFVG9aeExYN09SamZRWmJBdlZXdm1sSzFTa1RlUEFXeFBYMVRpVCUyRmwzTXJEOWh5OTUlMkZLTVZCJTJGU0dPcUUyQk1GSks3TlpKTTVSRlI2UHJtUDIlMkJmcTQlM0Q
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:52 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		25 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
4c9b3c6e66b9aa9863afbd80737217835fe23954441a6e19cd68b8949ff1f4b0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
b889f2c4db3c69233af59e1f97936cd0b6e8c8f93cc4da72d7dbd2eca6d1f5af

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
prebid
prebid.media.net/rtb/ 		338 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
86e11bf83948069ce4d328ca366e2fc8314d093d1029cc50706ada08439e3e16

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:51 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 03:22:52 GMT
header
hb.aralego.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-8A2EA6EA749DB4B8CB23D92A3726E94D&tdid=&schain=&eids=&pubcid=44601fed-0484-4e06-81c4-7b85af44d44d&u=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&host=skypost.ulifestyle.com.hk&ucfUid=25d79635-eb14-494a-b0f1-d2c0b49dffa2&w=300&h=250
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Date
Thu, 23 Nov 2023 03:22:51 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid-request
onetag-sys.com/ 		15 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		25 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.246.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-246-226.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
30049b3a8c465a40678568180556a1a0c7db59a6ab0eb3f00aa5fcc2f047508b

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
prebid
ib.adnxs.com/ut/v3/ 		23 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
ea3706d378876502dd0bb83b7ccdad0a882add917edf35e8d5877c716d904ed9
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
an-x-request-uuid
dfd1bf5e-d4a2-42ee-a9a9-1fb6ad194217
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
impstats.php
prebid.andbeyond.media/ 		69 B
293 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/impstats.php?aff=552426&type=pv
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.215.0.207 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-0-207.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8 /
Resource Hash
adb8a23c40c051fa009635c795d0c498fd1a85f4cfb05fafcded5d631a8ff675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Apache/2.4.56 (Amazon Linux) OpenSSL/3.0.8
Connection
keep-alive
Content-Length
69
Content-Type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame A3E0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311140101&jk=1951133771090687&bg=!PD-lP3DNAAZxrfrxUa07ADQBe5WfOA0uUMU2Pnd-PlqzSIJlJB4MF_UUfydyddgF5538nF-Ap5X9JGEmWxicg76WpnbLAgAAAF9SAAAAA2gBBwoAguevc_didsfs5TebdS90IIh44RFdXBfN7ping-W560orYskncZwxzJKVjb7g8A1DYp8gl6JPs9Rd90WFQ08TDawTLJKdOvK9QV99RqKfpypgcZk6x1qUjRZi3ZOx1-uuZK28qAnMbPgb9L791x5RenRjmfx6L0Vvz8BbG_EOpYsY1fqZAvJhG8J_Sdif9b5Qx4Paehy26iAISGVLy7mYeXGT_l48cCEsimjViiw_1R8ysg2tPey-AXhNiDGvOwUl834xKcybzZQKCKqF6wpo3xlTZa0zzCayGCkj3aXBWOweEcnxHPHWIYqZD3KpVoP1x0vFjzbX553NgXH-5ZFgpe22aipQqx10TaUDoT745spKo_76E7eRyiJdj__SxPk3usq57uXw5A_cFWrT03HM1Xe18njZGieiYKl5kUDGQsZBUxXnpQQ2xMVYa7vsr7Y8Le8vaoT7YNvyQhBcaCJm2O7W11NOmTy0DCQtH2MG698iX_vlr_tMP_sobHldypjwKIbeG24kaWYGTQLw9EeQxsnRH_msi41VY_5vNyybymx4VwjfVVdpyHGHKJwhJ_bFKRa7FrLEEgDKGl4_UL3XhRFzpvaFTvxEddnDD7zW9lppGtkhO7nO7CVgRgKsoyHub7ErD-Rqpfe4TriEV53Uz3xpxg2zujhx4MqapHP9XGvw42kCZWPtoN73vkVMdwWPPezfDW7glQrAr5ke14a68RkqdrPHwm30eoRPHfJgg6-J42HGKXsLzT6CTC7Kzflh1jXtCHYwXBjh3kfG6v6RIT9NfYyaezCmubFx0wHvtbkAWElzNRQa8sw0v76jzHpmFcAViDxduOfyMuKfm7xa2iVqORBw8YMw6dxMjfwn4KSfpqrVdGREJajyTMBnYqpd0wHto6zI32LST4eJ-6NQkwpLVb0AjfIi_0O2160wjij-q2T8HVa2ljp98k9ZHehR4tGnd6_XqOUcog80FPlvLMQM96oLHDjL_F0f4hzvY9R_IGfoa9fwnFfbv2cXhm7aRy4Kiv5YQheR71EGn5S139-qLpvFkpL121vTtPXLj0WKVnD-1dFDPVfn_H30a91VscGQ439uOwtxB-vttk1M006z4YVIrJqzgA_jgXlhVy2lvhtFamfIAqhIR_TmsyS3xr75evpF1vNUHmbOM40p3H02DPSlTCbG
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
q
p.adlooxtracking.com/ 		40 B
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&s=%2F21751243814%2C183518426%2F222913-300-250-15%09andbeyond30015
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
cace4c826223e764f2556cb22cf365dda4449c3b886f19a34ee8a3499b8a86d0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-adloox-pubint-version
20231123013001
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
178.162.209.133
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
5ee398e7e-dirty
server-timing
conn;dur=0.005, ua;dur=0.024, segment_pipeline;dur=0.137, segment_ip;dur=0.006, segment_iab-valid;dur=0.012, segment_iab-spider;dur=0.862, segment_bs;dur=0.004, segment;dur=1.188
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=4370122267812305&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=21751243814%3A183518426%2C222913-300-250-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C250x250%7C200x200&fluid=height&ifi=8&didk=4118059834&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd99d1b6563fc9bfc%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MYDU_TML-Ek6t8eK8e6Boe8HJL4LQ&gpic=UID%3D00000cd89979a03b%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MaarDuukHbRQr1v6TQrHobzRdUQBg&abxe=1&dt=1700709772211&lmt=1700709772&adxs=1088&adys=943&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=300x0&msz=300x0&fws=4&ohw=1600&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0MjO0b8xSABSAghkEhkKCnB1YmNpZC5vcmcY-MjO0b8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM_IztG_MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSalJ1TjB3M05URlRTbUZ0YVZweFYwbzNjbmd4VVQwOUluMD0YtcvO0b8xSAASGQoKdWlkYXBpLmNvbRjQyM7RvzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNjJztG_MUgAUgIIag..&dlt=1700709768198&idt=2089&prev_scp=adunit%3Ddiv-gpt-ad-1520909829098-2-1%26prebidtrue%3D0%26hb_width%3D300%26hb_height%3D250%26active%3D1%26andbeyondhijack%3D0%26andbeyondunfilled%3D1%26visible%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1%26hb_format_adtelligen%3Damp%26hb_size_adtelligent%3D300x250%26hb_pb_adtelligent%3D0.05%26hb_adid_adtelligent%3D95ca9faad8eab8b%26hb_bidder_adtelligen%3Dadtelligent%26hb_format_abmxandr%3Damp%26hb_size_abmxandr%3D300x250%26hb_pb_abmxandr%3D0.02%26hb_adid_abmxandr%3D90979976901a96c%26hb_bidder_abmxandr%3Dabmxandr%26hb_format_oftmedia%3Damp%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.02%26hb_adid_oftmedia%3D92d010a8e3a344%26hb_bidder_oftmedia%3Doftmedia%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D300x250%26hb_pb_adpone%3D0.05%26hb_adid_adpone%3D8830d2a0b74f06b%26hb_bidder_adpone%3Dadpone%26hb_size%3D300x250%26hb_format%3Damp%26hb_pb%3D0.05%26rtb_pb%3D0.05%26hb_adid%3D95ca9faad8eab8b%26hb_bidder%3Dadtelligent&cust_params=adl_ip%3Dadloox-dc%26adl_ok%3D1%26prebidtrue%3D0&adks=1043495288&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6fb18d41f4b9311818d70e6360c82b665ee4f91c1919864b944bef4dbb4c2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12921
x-xss-protection
0
google-lineitem-id
5506573591
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138265691534
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DB53 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:50 GMT
expires
Fri, 22 Nov 2024 03:22:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/ Frame DB53 		596 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f7a97ee90e3bf0d416db4ef3985282a52d6b13b41d8b0d89a22f4baef188198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-amz-version-id
0JQDHGo3POVU8V3JnG0OKnZc_UxWgL_n
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:37 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"9c5082ded7990ce8b1325b69f7892c1a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
OkxjvwI2tCG1Zjik79GIQykHSc6AmgP3LOBtnKcKvudMgjS_praEuw==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
285 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
82479b21329ff01c7a23c63063cbe4bd005beeb5669c3fb2afa0da8b82101398
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DB53 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
533154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame DB53 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4243
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230128-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2F3AI15hRHNUXq1E3EAGY6m0yfIMbhDm6KxOLdTgUSjL4KzjS%2FK8SBrESBXh3Q1YhWdIlCXe%2BoXuIQlJAFKzf%2B01MHIt%2FJ%2FqimQAO44uvA%2FRQwhJpQiWR3bHcqoz966DgfjIBtIR7dYP8Zrm9I4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82a64a4dce6c9247-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DB53 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:52 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DB53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUFcNSFJyKb1mBXI-zq14KUeZlQQ-Msg3tqDn2wzcw1EpUxHSnGvnIpTMSeQKn9QvIx59wU2tdzvB45kupbcoQnWxne_i4HkXlyNwv7ZJ6mLgT-Z2VlEwzb5XKHkdKXP9PwoJFoxoif6oFun8VwBhXG_7YdI1j8MjA1zFMJcyKfEy_Ziba5xHeGDKYpyC-tv1_zh3vDWpFFO9d0Md79yvtg9XgXdHHAFdoybenavjLlPKG7PKgt9-h9GNbygvA8OsqOU81AWqgivy-8YpMbic0w_yoJQsUzhMhEsmMaKLelUPFOZMLDi0BclEla8Y2r3zdbRs6yo2Bn9JRUeXkusip9hlpAy1lEm7BwbuGBrnxDq5RqIIp1-vIA7ZXniQI&sai=AMfl-YRlBIs-5kJeSXdwMjBdaSvWyuguN4m02TgQV7X2sIQpDd9IIuInNtSKkw0LGhKA-vhBv5_nXsNcd2JAHlT4CgYDwPGQipbPyKGs5DikmUBVb18nkjpZtk87ZHv2Ibs&sig=Cg0ArKJSzJdxSpDrmA2TEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311090101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce9c8b94d88bbe9b2ba922e1d21042f8b21e143e731fd88a80d472fb4e33f79a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12339
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/ Frame BC25 		218 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
871ca577af93c4d834f8b2994a59ba092b267b5b5a1ed3f62598be4c010dee1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:20 GMT
x-amz-version-id
PPUsbnOFOz0w173jUyxKcyjfOa4niqGt
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:43 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"13ed0fce3b06b930a61ca71902ee1d79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
33
x-amz-cf-id
UhrO8qJ_2ksYkzfBpxrcSpRzUEnSA44ze6K-UzfsMh9b7OZdt-KDzw==
v3
id5-sync.com/gm/ 		318 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/gm/v3
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
febc26d7172e39981b96cb0c1656d2e5367f70dcb732906c16b50f82b8380d49
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:51 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixel
googleads.g.doubleclick.net/xbbe/ Frame F062 		261 B
187 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVQdRjMfsItx3ZnIYL8YcuABZePQR6Z2BZJ9_Fs0QDnBukhDx6qyM4h7oOsFacbh8LG_lx1gwmOaxraUqaaNGiVfmZcUbOj39a_1pUfRJEr-bpWeOzY5xjjio1wM1gPgP1LT3j6IfPA2juqFmFaxDY3ZIDvqVXrqHctqFEFjM7ZuHFPATQ
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
102
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:52 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame BC25 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31498
x-xss-protection
0
server
cafe
etag
4296746511219988724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:52 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC25 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXuuvBmlE3KQjLr86wNca3_v3IjXSZceMWAg8O05e0dm6hW-Ue_w8VDavampmWo3ytf6aetXNCCJ9eoJyAB1oOI-2VH6Erl4O95KnkobuzVPKiRIE
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC25 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=16165708509777740406&x=8&ct=77
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b574ccee-8743-4a04-8c65-3cd907bf1166
beacon-fra2.rubiconproject.com/beacon/d/ Frame BC25 		43 B
227 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/b574ccee-8743-4a04-8c65-3cd907bf1166?oo=0&accountId=21034&siteId=302564&zoneId=2535156&sizeId=2&e=6A1E40E384DA563B20C7A9EF32A79BC294D566BE3F9CC6931389833B86C6009EC79BDA4D27E9B5A9ACE2007C9D57DB5EFD26845D400FBB257A97867B1991DEE28810832BED00C745C43EE9CDF6DCFA4EF9BD0C60FF54E3B9ECE99E590CA72F65E59B702693F8CD1790B923339DF07A7168516BED3E7F54A6169BA633A0C8FA13DCF8639D23EEE53A56BA6EBADC6C5733867F3569743FA845D77A111CDD977F87CE143441DE9200704F1E7692B87A9DD801F32F91CE7B7F72E82A954C1004678A
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::154 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame BC25 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LPAMOQBI-U-48OB
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
trk.js
cdn.adnxs.com/v/s/240/ Frame BC25 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Thu, 23 Nov 2023 03:22:52 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
652552
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-fra-eddf8230092-FRA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1700709773.539111,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
7, 846973
it
ams3-ib.adnxs.com/ Frame BC25 		0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fskypost.ulifestyle.com.hk%252Farticle%252F3384147%252F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&e=wqT_3QKdBaCdAgAAAwDWAAUBCIuL-6oGEIm5_cj6pcmbRhgAKjYJuB6F61G4zj8RuA0JJBkAAACA61HwPyERGwApEQkQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4nPUFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAr6DXuoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMuGhM1MDU5NTUzNTkzMDA1MTM3MDMzKgdydWJpY29uOg4yMjQ5OjUzMzc4MTk0MsAD2ATIAwDYA42RVeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBA8IABABGMoHIFooADAAOAK4BADABPL0uSLIBADaBAIIAeAEAfAEAIgFAZgFAKAFjsnchqXQmMxhwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMke-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_aBhYKEAAJPxUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHnPUF0gcNCREnASYM2gcGCAUJ8G7gBwDqBwIIAPAHoyCKCEcKQwAAAYv6M6b4RjclL6kfXImsUiiCu9N8Myxx432pB7WE-1SLugzOChSKkogffkSkx_2Sd456ecreI18-Kv39r1V_F60QAZUIAACAP5gIAcAI6hDSCAkI____PxAAGAA.&s=16319ec38da5ba5913008addfc1cedc789a61efa
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
an-x-request-uuid
846f392f-dc41-4549-b599-1e2899c467a5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 23 Nov 2023 03:22:52 GMT
container.html
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 98F0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:50 GMT
expires
Fri, 22 Nov 2024 03:22:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tfav_adl_532.js
j.adlooxtracking.com/ads/js/ 		75 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://j.adlooxtracking.com/ads/js/tfav_adl_532.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:4192 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9187ba048e965aab532234ce6ed0e7aa70ab24676c118485f0c5a56cdd135f66

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
cf-cache-status
HIT
age
942
x-guploader-uploadid
ABPtcPpOtAREPdXfsX5gYct9Gn00UtryEMgY9Q7SEm61J93_p1dgbwZ-1zjzLUMIwUFT_TFpp6j0z15VIA
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 24 Oct 2023 08:15:25 GMT
server
cloudflare
etag
W/"c1f6e9e6a03893acdb9b3c848fc73b62"
vary
Accept-Encoding
x-goog-generation
1698135325532573
content-type
application/javascript
x-goog-hash
crc32c=aAo/7g==, md5=wfbp5qA4k6zbmzyEj8c7Yg==
cache-control
public, max-age=14400
x-goog-stored-content-length
76735
cf-ray
82a64a4e9afa9a24-FRA
expires
Thu, 23 Nov 2023 04:07:10 GMT
truncated
/ Frame DB53 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
167bb06303fb9d90039331f95011a134c69d73deece55d000a722a71d5db1068

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
m
ad.yieldlab.net/ Frame F062
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldlab&google_cm&google_dbm
  • https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEAdRjtZ6vQedt7_a0w9-NL4&google_cver=1
0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEAdRjtZ6vQedt7_a0w9-NL4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVQdRjMfsItx3ZnIYL8YcuABZePQR6Z2BZJ9_Fs0QDnBukhDx6qyM4h7oOsFacbh8LG_lx1gwmOaxraUqaaNGiVfmZcUbOj39a_1pUfRJEr-bpWeOzY5xjjio1wM1gPgP1LT3j6IfPA2juqFmFaxDY3ZIDvqVXrqHctqFEFjM7ZuHFPATQ
Protocol
HTTP/1.1
Server
184.30.17.243 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-243.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:52 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Wed, 22 Nov 2023 03:22:52 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ad.yieldlab.net/m?dt_id=52&ext_id=CAESEAdRjtZ6vQedt7_a0w9-NL4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/ Frame F062
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adform_dbm&google_cm&google_dbm
  • https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGBc689LQU2E8YYXkmyHEPI&google_cver=1&adform_v=1
43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGBc689LQU2E8YYXkmyHEPI&google_cver=1&adform_v=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVQdRjMfsItx3ZnIYL8YcuABZePQR6Z2BZJ9_Fs0QDnBukhDx6qyM4h7oOsFacbh8LG_lx1gwmOaxraUqaaNGiVfmZcUbOj39a_1pUfRJEr-bpWeOzY5xjjio1wM1gPgP1LT3j6IfPA2juqFmFaxDY3ZIDvqVXrqHctqFEFjM7ZuHFPATQ
Protocol
H2
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
last-modified
Fri, 28 Jul 2023 11:03:52 GMT
server
nginx
accept-ranges
bytes
etag
"64c3a098-2b"
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.adform.net/pixel?adform_pid=4&adform_pc=CAESEGBc689LQU2E8YYXkmyHEPI&google_cver=1&adform_v=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
312
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
grumi.js
rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/ Frame 98F0 		596 KB
172 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f7a97ee90e3bf0d416db4ef3985282a52d6b13b41d8b0d89a22f4baef188198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-amz-version-id
0JQDHGo3POVU8V3JnG0OKnZc_UxWgL_n
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:37 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"9c5082ded7990ce8b1325b69f7892c1a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-id
YIhFgEnJCYHMWj39sSHfQzeGxlGtqPr_GVmctBbOdo-nTDgSC5v9Xw==
init
gw.geoedge.be/api/ Frame DB53 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:52 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
9kAi45gH4W9s57MDD4bPJww-hT6Ek4YegYs3-ZlJz-tCXcUBDC4eKg==
x-cache
Miss from cloudfront
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1E59 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
39173
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 16:29:59 GMT
expires
Thu, 21 Nov 2024 16:29:59 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8881 		829 B
560 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
29c9be7ac04f77d01cc90b118d52545b326d67928cc5d903f2c164fbbe9d50cd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7JgIx8VkLdmlE6u6BEr-hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7JgIx8VkLdmlE6u6BEr-hw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:52 GMT
expires
Thu, 23 Nov 2023 03:22:52 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC25 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3977232963893&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC25 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3977232963893&version=m202309260101&ct=77&x=8&cor=16165708509777740000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BC25 		23 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyeAlEcRNSRioV8aW-0J0OTeHnRHrc9AtgdOLW7omoLNMjEuPsxgMdq5jP94TNY46rVYoP3EX4E9BsTo33WcXPvyO-nZUFf7KSXjeuBqIlCVfmIaNiGIjouaF0khieUiq_toPTxG3mi1KaoB5hBaZjOOMJcNWULXkOdcB2qwVb27eQi68&cry=1&dbm_d=AKAmf-ALAXW86Px9FBKJHa45-pjLyWiWVOw4scr3eh9eG6FpeKa7_cYm-umEz0ldcsMhglJc4KDO6rDfA0RXwEgwATV4uDEgyzFWlD5QYpZ03X_0r5T3nJ9yd81-2o8xIRdpkAQJ6Hnz4AQJIS8e1aB73PSzYjFHhKoo2R4QvNscHWCL2uefaVerH1h9na83zoo9n639lBTcGpnDfAvRLkvs-zfGN9YPjxmrgvcM8T_GBKgT8mR1EyTWavODWU4Xc9C7T7Kd32oZ9naIYHPvz2w6pYsRVPhqmpf5IRm-V2sSGZj3ntY7LvtyFRV9GEXlH0nGbQYNPYyQLADjtG12lgJt3Wzdw7TaeGlHXAokHhiFcXtyMSesjVIn8qydjFGWTFP3YLQFsQok-StFDLgtSKcdwi6Z4VGQFTu02QzMFEB-eNdcOiE1NbLIdu0V35KIOHTyNS7kEcNikZy7Q3Yn-xwo8bwZk1HkH5eDE3nLSAN_blmBmTDiOA3RK_Pj0rDzyQySsvfZBSN1kaTSOoQKtUMFJqwkCcnIO6L7B1MJdhawikOcsLqniDWOoaStzwOEuH2ukMx-ibiIUDFa6hcdGc07PCX7BeTKjGDW0-peyFzLEHfKAiI7bl9WQSZ2DOqe274JA-VIvcES9PnyRNZhGLFrCQnBsbpNBCSmXzF4sk4vw_4Re4lbD5CekobPJO92AARRgkwcF1S2p5Zzd6a5BvM1VNHeIp7Eij08N4PDfNno6VeCCxXxW_Ybk73Su2_braqz4zeBF3eovo0KYMZ2Le0XgW-vRxekkv2weSRkt28nlGurB-bwgDM1fXOBzKYoxmW9x4HWUzK8RbbPPHFOQVSFWjzyaKTo4ZJO2onuzjLJkBE9XhIw5m1pc5VZP0MSMhl4-4S0ft2HANghI3LurTNFJ1FW_W0e9pbL4j8-3o1rVZFZcRzW3_WvDaiW5VSZATFlA9tzClgwotXwSHISxzRZSf8bixpHnC8CofavvcVCSi-IGpTm_TJXVvlMEuqVrFqOyRi_1Q7PGWolKpQDds45rzHfv9vYqkJMF__sv7BhDEGXDKmtjPLy68mx0bUzf_cPk8-0z26gWcFfgq_YOXDd3y0tFM9UCsGw0s17vJwRSbwYN9b6lz0w3roiuHPXbODFsA95T7Rrd3IvuTVwaQSa1U-EcKX8GI4HfPkXjtGH0PHrB97DGSl6yBOlxF1CWPLhk2Ur-yFEmVVB1RBBQrwoZNhCim9ea6BpzNGXCE_g2AdhdgFLIjntpFeEqtg3uEhzc_fvxxwcAp60aS1M4DFJPj2Uie6xW_rRVLejLkCNV3mR8QRMmDs9qWGfVwS7DUi0LF3aN3HaHa5OqpRrVS2b3ulKUv0EdlpbfEUZODNxS7n7wizRuf2k36o8rWr38wwsKe4D1hlMAK9cqPyPK494cDHU9UBEC8UGd4GO5yVgeP_62T9VnkJCdsaiR0ncOuoeC5NAF2nchZt-arj1eAilDLVSiYbOrLSKh6ozhAIQioB-82nfZFD0fCFIvq01urCkrlR9-lEsXI1bzA0beXSxN9ZIK1-ew1DZ6w9-lH2yXfGcY9Gjkna0t4L0rLX4C7wEEATGpYYyisq4BcbgkTdbWixLDjcYBVCsxK8YxbzIkWuwx3kBdQZSwty3tcSUU3bRx_5KAFgxypvQj08RN9OqF5cA3zYUp2rHk9BGIaC1X0fyun4ASK5fErv6931XtkuB2YNlPpR5D_G54sZnA8YuZWtFWpkabS1AlhN2JMSvqJHskXXRAF4QeX73RxrbJXfy8t4VybAxbLWZCdEh9lU9CWZGNG6EB-ErFDDn9MOmEty_2iPnGNw4BxjemMn-tBBeTSNDi4FRqD8YLyj_fGyiJmgFodxAjAKq4ymBYTUwYeblSyTp6kPMowurVXhs1axQmDzfvpFjUkxNKySrSIvr1tiIKsLgWOO1eOp_SkTZ2f0CacsBnxhLX_dkB8RN-Ou8YVlApk51Ltz9Pb-Bj9t9buR38G1n_KYH8So6qfLPPzkV3v1dRk9qsXuEWLXFp5NzUBj_1tjFbiTrK0q4SScpHt_da6PHBJRkZkom-KsRw-_pcU8XUBwf2p8_Q2S2qCaKDuibT2VH142aNdV12RGtp9hHhfOX_H1hVEkJA1Kty3lQkC9r-d0AAfBkX2-yZtUhzUrvtlk3g95PcguPAptvUpwzMiIYd6G2J4_Nbn4_Qef9CSmJ91c1xqT-M6kpyAkPIal1COazBtZWRjS3pGkpQuY4nv_xFJKgu0xJ7OEyPr_4wihvK-z2n1loEW1WVsxlZbn3f-CRfVjul_-V7rJVkYOxjTy5Ye_MMk3jgcTLkzR7r2ssj_uGHhIA9ga2231yyfyq4BgYXICtEw_l-o8EoZ0xsr6rK1o4fsQbWpZ_191Fc69l50T7QL-bo9yhAyRvFGV-yCYraiVaqWYWPWfzxXXlOHOI2GLEnPsEa-E7yc_2ycd0r8_rguGViHHkg_9QmPQFyNZnDH6gj4dFKqec6lgA_3oibf1avUgLiXj0SoUPZnr9Ck8LCrOK913w60rLKFuVCLwRRQOGD5IPE5sr64rOh2XB_UJVd6FRFX0cxGT6YChvEDPUQmlJsYURAMb15zH5RzFKhyZrirK0AYGEKSJWpQxZZHTBXHjPT2gfzXE3haWxxruhS2DvXC3mDChZTw7yDJQh8XjFi6PFT4Y75_jVZ8B_qMEds-X-hdoIoOkXdNYmXtb2nF1hLRrJW57VT1t4jYTIFAlKjut1jke_p0Jhi1NcQbKKhlE7tNoaVdKwc29DKZBLpoIExh7oEmurTpQ1hsAU6UpjFcKsVijjVJpc6rXqq29h_SJd_iv2yoKoznPjzQf3z_zgKx7SZL2oAHBELpGzTxg5uNQNv-KDbc7fcDnCiorfAmek_ocPCpsKZ5g-5L4DEJkAKt-4v_xmaG0RA-eG0KDcroNJJwft7cBrLBUve-4WajWkyeMe-n24fsKoLUPztimqm1FP1wbt1SplixNyG9cMY4of6Snrrhe94SVlMmwPTBBlIiAclNjwputXzxQ3AHXXN3EGNeWXrlz3eunpyLjGCXIZ_IZFf8pLpAwiBDUvguC59PaxvZmYrTNyAestZzEZkzySlAc5SEJzJuLVlzNZTZigSdfBpmASFKlxlhHdnldeeJFR8EK5cahOtgjbOL-Tb3Lp-V8L-dM4SJX9G_IUwgy2nsSnuOQ4ZNly9YkLcm2TRiA1s_VHoAFk1kKYaWddMI6RiFdrf6q2yRbFoml6gz09fudzpJsmV6nINnzIEJT_3Yp7hWB4MJZnCxuxM2IcggJDqJgEXaBCaoOhCiEVd5cW34v64wNNU6rapfESO8TyC3KlKcOWxa2Rwwjeo9jyvokoYRq9YhrajIvLvEuyALn-0gDIU3SQtAp0Dz8jwNyBU1wTTMkSB6A4Le-V6nRjdbUuoYSkDjN6HHb9mHl-TCgg6vDNK7tNQXDfHtKumKzG9uukS3XCtpai0sRdiv4-_wo1KZK3uw7bRXWUDP5DU7IJH76XFsjPI9dNfjPn4V_aomA4BHTs_nBf_6T_QqL-kD8UfTT8ehcwFq2bskKuxg7QbQIQRCSdKdb9beBeHTS2C9tioAsyKYIU0Rwn2zdTxxu3MX8yeY3FSX73meEq3abzPQnVsv-MOu1JpKSC2WQwQ7kmtWcpZKpXl-5y4KJY1_Rz2Nrb2qEJvYxXd4N31d2jEo8u8N9p9S8IALQR1CI7l8cbbrkcDMIlPQiLO53HLuF-dKl2kdUnRfDzEqJnMCPjoHPe49HOWQvYoODHv5E6JZkbZB851tFahkgxp6OsV5Dnt5jkQxWSi10srZKGwEHHX4AAppfxGLUhmA&pr=8%3AF937887FDA31E3EB&cid=CAQSMgDICaaN34-ukyDIEjhtaW8udZe_xW23-M6P88tdFXwA4SbdxgUNTqk1Pe7mi3R3AX9DGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F&ds=l&xdt=1&iif=1&cor=16165708509777740000&adk=1432086344&idt=50&cac=0&dtd=19
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29a3e90558a8c3081d5cfab8aea09d0e507abfaba3a202613e080d486deed0c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15380
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 98F0 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
533154
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 98F0 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4243
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230128-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sq89Zn3aDSmnnZBVjuI3G5VZyy%2B1ac%2BL6%2B7O5NwRg3LHDVgXTsnYfFzpCS9XnyHcgSIL7JBcBJ6ucFOSTP7MueqTYeSR1ztqIqywvS61hJJWD3AWAgLCJex4JcRYAV33jIgA3492wcjYkIqXK00%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82a64a4f0f599247-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 98F0 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:52 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8881 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311090101&jk=3272521849198029&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
ic5.php
data00.adlooxtracking.com/ads/ 		88 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://data00.adlooxtracking.com/ads/ic5.php?tagid=1193&client=and_beyond_media&d1=pg-5722~1_fo-5722~1_vpw-5722~1600_vph-5722~1200_scw-5722~1600_sch-5722~1200_sco-5722~1_sca-5722~0_srx-5722~0_sry-5722~0_ev-5708~sb.5722~rp.5722~rvp.5722~rap.5729~ss&att=0.0.1600~1200&visite_id=66180729432&seq=0&timezone=-60&js=tfav_adl_532.js&date_regen=e0208d5&type_crea=2&sl=%22sm%22%3A%22browser%22&id1=andbeyond3001&id2=%2F21751243814%2C183518426%2F222913-300-250-1&id3=4666413989&id4=2761557483&id5=138265691534&id6=5506573591&id7=1x1&id8=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&id9=DE&id11=%24ADLOOX_WEBSITE&p_d=0.022&fai=%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A%EF%BD%9CWWF%E5%A4%A5%E4%B8%AD%E5%A4%A7%E6%8B%AF%E6%95%91%E7%8F%8A%E7%91%9A%E7%A2%8E%E5%A1%8A%E6%88%90%E5%8A%9F%20%E5%BE%A9%E8%82%B2%E5%AD%98%E6%B4%BB%E7%8E%87%E9%81%9497.5%25%20-%20%E6%99%B4%E5%A0%B1%20-%20%E6%99%82%E4%BA%8B%20-%20%E8%A6%81%E8%81%9E%20-%20D221026&iframe=0&resolution=1600x1200&nav_lang=en-US&url_referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&activetab=1&cf=1
Requested by
Host: j.adlooxtracking.com
URL: https://j.adlooxtracking.com/ads/js/tfav_adl_532.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.31.249 Mountain View, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
249.31.241.35.bc.googleusercontent.com
Software
/ PHP/7.4.33
Resource Hash
12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
PHP/7.4.33
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
x-route
ads-prod-75d5674dd6-jqspz
accept-ch
UA-Arch, UA-Model, UA-Platform, UA-Platform-Version, UA-Mobile, UA, Viewport-Width, DPR, Device-Memory, RTT, Downlink, ECT, Platform, Arch, Model, Mobile
vary
Accept-Encoding
accept-ch-lifetime
86400
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-methods
POST, OPTIONS
cache-control
no-cache, no-store, must-revalidate
access-control-max-age
86400
access-control-allow-headers
Content-Type, X-Requested-With
expires
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1E59 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
100884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 98F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5lJac_StwCuPoWwQM5BYpCnUBN0Hu9piqsrgNjH2n-X8CsU95oHqxBuGt7724m_IG3MVRfFO8sFqa6ZnVbxmn714F9tRlkt-1IbUi4cX4ELIIsk0fuyiAe02NG6AQWlZgsrsz4CCmhgq5lGvBrBLD3ZYbeGHpeA2_DA_BdX5S9fecO1RsdojD8HcLSsCfe8d6hX_sxEvxN1Os7J3YrUjgWS0jFYfisSIhs61wtwyt0HyUiEqMQM2-5EFksCotgSZufzE8DfxxotyPKoHfnnMQHukOKeWbB8nxHjgNL7RBo_lixfq9Q-L37v1OVE7XyEAhotd4S2oLAHSYhXSo41z8UYRI3tiZgsqf2PmzPh3wScgvf5l9l9LY1ijbtlLc&sai=AMfl-YTdXXk1O7Mo_Zm8zUtFe4swC6fr4xXm6qZs-pM11O0c8WrWUk0nzUMZBPiPaW8vba2UDpefhJTpkdPJB0lcs99rCccZSWQ32kvV988lghy1-bk0vuFezHhJyTMqgBI&sig=Cg0ArKJSzASeas2t0BiBEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/ Frame 5122 		218 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
871ca577af93c4d834f8b2994a59ba092b267b5b5a1ed3f62598be4c010dee1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:20 GMT
x-amz-version-id
PPUsbnOFOz0w173jUyxKcyjfOa4niqGt
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:43 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"13ed0fce3b06b930a61ca71902ee1d79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
33
x-amz-cf-id
GnFQi1mNwB69BHittAW6m5ArJfSzPmda08FvODWLfL-ZxSxbOa5YIw==
truncated
/ Frame 98F0 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ca91b3677496e8f1e4704305b85507390b8314a46c17cad6f3ec03d4c08c470c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame BC25 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:52 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame BC25 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
465464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDcwOTc3MjY1NTk0MwogIHNlcnZlcl9pcDogMTI2MDYzMzgzCiAgcHJvY2Vzc19pZDogMTY5NDYwNjkwNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1MzMx...
ad.doubleclick.net/ddm/activity/ Frame BC25 		0
857 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDcwOTc3MjY1NTk0MwogIHNlcnZlcl9pcDogMTI2MDYzMzgzCiAgcHJvY2Vzc19pZDogMTY5NDYwNjkwNgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1MzMxNgphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vam9obnJlZWQuZml0bmVzcyIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMDA5MTI3MzAyOTk3MjU0Nzk1OQpkZWJ1Z19rZXk6IDE0NDM1MDUyMjQ2MTIxMzMyMDYwCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0yMyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDEzOTUzMzE2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0NPUkVfUExBVEZPUk1fU0VSVklDRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFURk9STV9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1FVRVJZX0NPVU5UUlkKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiVVMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQUNFTUVOVF9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMzgxNDM3OTY1CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19BRFZFUlRJU0VSX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNTIyNzEyMDQwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIwNzgxMTUyMzU0CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNTMzNzgxOTQyCiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2pvaG5yZWVkLmZpdG5lc3MiCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xc644402e31637aff0000000000000000","13":"0xe261829ac40c56bf0000000000000000","14":"0xf579b5c7686e58f70000000000000000","15":"0xfa5f950e6a9e39700000000000000000"},"debug_key":"14435052246121332060","debug_reporting":true,"destination":"https://johnreed.fitness","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["13953316"]},"priority":"0","source_event_id":"10091273029972547959"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xonarohpn0t
hal9000.redintelligence.net/zone/ Frame BC25 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/6xonarohpn0t?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB75Ri8VeZa3_JLyGnsEPjMy84APk4MuvdO2h_oj5EfYuEAEgur7wFmCVkqqCsAfIAQmpApkrUezPQ7I-qAMByAObBKoEnwJP0EeMSV3Pye0s0WCBu2aZ6DMKxjP0-i1Qbxy6VIaitvDU-QvZ6IbVuBODj8MtH5PAEspUYuq9TXuAnOd6PVmRGQywu7lXguH1qSe9UoDV1TBEwd9aLmqaihSH8qRe4ei2-_Olflm57-24Mag8MuL2zqORyOvhu_q9BaIdZHhlJExx6Ap80ulBIdRyb4DWiG_lHvLLrG41f9sdSYvZ2MMOsxUkDhoTWiYdECxjF7wJbAplrXDm7gWW_-cpdk_uC2Vbf1TGYtBxyqe5kmRQMo7_AB5mghCTiOFsg0VmFPXimk250LgNbMc3OMuLJDL7f0zWVjZFclaawup9ajlWgIQe2vq0F5PxVmdMFYGNt-Au5HP9QK5rWvYxd-W_WCV1A8AEidGXiLwE4AQDiAXi8Jy1TZAGAaAGTYAH39qGogWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIH2JpZGRlci14YXBpOjMwMjU2NDozQ2RodWt5NGZ5S2uACgSYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATlcvJFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaN34-ukyDIEjhtaW8udZe_xW23-M6P88tdFXwA4SbdxgUNTqk1Pe7mi3R3AX9DGAE%26sig%3DAOD64_0jPztKvKDEzMSrJfHGYPyHscv-Eg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-CAZ_z7oq0NAuUl24Wb09RSMYd36qxByIR07cunYHFU8AzVGgE6aEljlp3qv8CN-neuygmksV28P_jE-RWuLFkvlDUAvgxKhzzMGZ0AZMrahSjINZfWmxBJFpZ7aDC0GPWOREeEr_mSHKTDz2dfeoCBdPxiNrcmt2VNDB-iHI2Trf3kwEE%26cry%3D1%26dbm_d%3DAKAmf-B_p3GdUfSGFC6e6P7ddQWgQzMQ_H-TvP6yIr8zcqOPkoF5L6g8zJ5M-0pQzVi55okXD5E7lF1a73IA-xJBYgwIuHcuDRuzWOm-nYzp2JT2iJyrdC5Z9f08NvcHSj1fPtBLhsR1dTVSYoCDS6Sdf34V149Ixz8uKfR817qbW8HjNIR5GIZX-l4OPDkqHV1_Qycd5e-cl74Cli9x1PEK6zdfXPWtHS8A-Qs2c1oW_YUHGPW5MbTnstLUhGqb-4n02_3IUHfE9WZUQYwu39NTfq94fkxW54645uELZE-mkpEZ7ai9omf5QhHlEIe7At2vtT_8tU1t9fpftlJiGISjmAFknk6jiMfm-gZ65UWdbinbYW52kG3U32-i_iMU4hikWLLmp9QYlbafRfMcgCvoCCepCTpyEkIJDPPEAV4LbspPKKUV12BPl8J_3WFgQSFNeuIGYuzwssABBojD2X43EVa_lm0HvOeDzQnQp_h3_-q-0I0wclwRGmFtnJLr6yb5mUnZrxJEMxc4ljQaAymMXoH-ryb59WI0fIoN2zgoT-zBYkMHNEk4fGPPQn7fFr8n0qrLrPqVD7xtuHvKzxhNX_2LarIhsg%26adurl%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
376d6333bbcb039779f9d30a7db1c8f66f928dc72bd2db76d62349b4b079e8de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4244
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
/
ads54.adtelligent.com/display/ Frame 5122 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads54.adtelligent.com/display/?adid=3699F258A16997BB&aid=694829&cb=1807155687
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
6bee2907714effdf2cbcf57a7c1863465c0d070d310d911ec064358fe1e38ed0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
13691
init
gw.geoedge.be/api/ Frame 5122 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:52 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
8csd1VP2LLtoa-iHhguMzXnTbBlROHhcNBKf0JXLq7k_tusHFJyZgg==
x-cache
Miss from cloudfront
init
gw.geoedge.be/api/ Frame 98F0 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:52 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
lgRepe5NJbA3fT9lG61L9i2C4lwCSJ8LZR5-rTDTudAZ_PEQY97lFg==
x-cache
Miss from cloudfront
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 35A7 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
368587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 1E59 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?ixVgCQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame 98F0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvB85HhlTa8Ipz0DyOUcX70MA02qu_QJPtZSYByZr5Oi63y4mj0_Pq5CsYTLuVp0EAQd5gtNBXOVpPPR73eNYG81jIcrhE2jAriUisdZ4XTCF0HYanLVkm1ZXEqZ5BmlJhqu61FmtlwfRTjl2zZQiK3mL00Rdl5UCtdNKSZW_Mz1JEtWZF96nwqFsau_mXm-FP5RH63EeQXwUgJqPdsrfHuW-A7uAW98Kj0YvLYCmjmJKr98eO43GA_ELItQ8oF_KdFEvRg-hRjyWGB_TP0XvlskaoTuY1ilbGwVNjUN88H41Mlb9lu03U4JosnpVKdW7LzRBsZjBCONhCiB9k1PtIX9hYTeMxFDeOraCn4G2iKniHO2MI-LqXe3DB6_TRdHmg&sai=AMfl-YShDXdEyf4swgEPEQAovML6I_5KDPL20rgGUwhnhyesTyn9oWji2sgLlnRV-zv5IT3E_L-VjVISVBD1z8WIdUHr_ueRV8hYvi9Fs8n1JR5eTN0SclIQ2Fu2MARkWIk&sig=Cg0ArKJSzFCaNGLD3xt2EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 03:22:52 GMT
request.php
hal900021.redintelligence.net/ Frame BC25
Redirect Chain
  • https://hal900021.redintelligence.net/request.php?zone=6xonarohpn0t&nw=20&renderingType=javascript&namespace=2af7c6bc09&subid=&uid=3475745d5eb3db75&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900021.redintelligence.net/request.php?zone=6xonarohpn0t&nw=20&renderingType=javascript&namespace=2af7c6bc09&subid=&uid=3475745d5eb3db75&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
611 B
936 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request.php?zone=6xonarohpn0t&nw=20&renderingType=javascript&namespace=2af7c6bc09&subid=&uid=3475745d5eb3db75&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB75Ri8VeZa3_JLyGnsEPjMy84APk4MuvdO2h_oj5EfYuEAEgur7wFmCVkqqCsAfIAQmpApkrUezPQ7I-qAMByAObBKoEnwJP0EeMSV3Pye0s0WCBu2aZ6DMKxjP0-i1Qbxy6VIaitvDU-QvZ6IbVuBODj8MtH5PAEspUYuq9TXuAnOd6PVmRGQywu7lXguH1qSe9UoDV1TBEwd9aLmqaihSH8qRe4ei2-_Olflm57-24Mag8MuL2zqORyOvhu_q9BaIdZHhlJExx6Ap80ulBIdRyb4DWiG_lHvLLrG41f9sdSYvZ2MMOsxUkDhoTWiYdECxjF7wJbAplrXDm7gWW_-cpdk_uC2Vbf1TGYtBxyqe5kmRQMo7_AB5mghCTiOFsg0VmFPXimk250LgNbMc3OMuLJDL7f0zWVjZFclaawup9ajlWgIQe2vq0F5PxVmdMFYGNt-Au5HP9QK5rWvYxd-W_WCV1A8AEidGXiLwE4AQDiAXi8Jy1TZAGAaAGTYAH39qGogWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIH2JpZGRlci14YXBpOjMwMjU2NDozQ2RodWt5NGZ5S2uACgSYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATlcvJFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaN34-ukyDIEjhtaW8udZe_xW23-M6P88tdFXwA4SbdxgUNTqk1Pe7mi3R3AX9DGAE%26sig%3DAOD64_0jPztKvKDEzMSrJfHGYPyHscv-Eg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-CAZ_z7oq0NAuUl24Wb09RSMYd36qxByIR07cunYHFU8AzVGgE6aEljlp3qv8CN-neuygmksV28P_jE-RWuLFkvlDUAvgxKhzzMGZ0AZMrahSjINZfWmxBJFpZ7aDC0GPWOREeEr_mSHKTDz2dfeoCBdPxiNrcmt2VNDB-iHI2Trf3kwEE%26cry%3D1%26dbm_d%3DAKAmf-B_p3GdUfSGFC6e6P7ddQWgQzMQ_H-TvP6yIr8zcqOPkoF5L6g8zJ5M-0pQzVi55okXD5E7lF1a73IA-xJBYgwIuHcuDRuzWOm-nYzp2JT2iJyrdC5Z9f08NvcHSj1fPtBLhsR1dTVSYoCDS6Sdf34V149Ixz8uKfR817qbW8HjNIR5GIZX-l4OPDkqHV1_Qycd5e-cl74Cli9x1PEK6zdfXPWtHS8A-Qs2c1oW_YUHGPW5MbTnstLUhGqb-4n02_3IUHfE9WZUQYwu39NTfq94fkxW54645uELZE-mkpEZ7ai9omf5QhHlEIe7At2vtT_8tU1t9fpftlJiGISjmAFknk6jiMfm-gZ65UWdbinbYW52kG3U32-i_iMU4hikWLLmp9QYlbafRfMcgCvoCCepCTpyEkIJDPPEAV4LbspPKKUV12BPl8J_3WFgQSFNeuIGYuzwssABBojD2X43EVa_lm0HvOeDzQnQp_h3_-q-0I0wclwRGmFtnJLr6yb5mUnZrxJEMxc4ljQaAymMXoH-ryb59WI0fIoN2zgoT-zBYkMHNEk4fGPPQn7fFr8n0qrLrPqVD7xtuHvKzxhNX_2LarIhsg%26adurl%3D&documentReferer=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fskypost.ulifestyle.com.hk&random=4448063797848&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
ac2a80a1ba5aa5672593236085bc91663e4de6e4b63131085d0b78d1353c31e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:52 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
95876400007913810115215012517021
Connection
close
Content-Length
330
Expires
Thu, 23 Nov 2023 03:22:52 +0100

Redirect headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=6xonarohpn0t&nw=20&renderingType=javascript&namespace=2af7c6bc09&subid=&uid=3475745d5eb3db75&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCB75Ri8VeZa3_JLyGnsEPjMy84APk4MuvdO2h_oj5EfYuEAEgur7wFmCVkqqCsAfIAQmpApkrUezPQ7I-qAMByAObBKoEnwJP0EeMSV3Pye0s0WCBu2aZ6DMKxjP0-i1Qbxy6VIaitvDU-QvZ6IbVuBODj8MtH5PAEspUYuq9TXuAnOd6PVmRGQywu7lXguH1qSe9UoDV1TBEwd9aLmqaihSH8qRe4ei2-_Olflm57-24Mag8MuL2zqORyOvhu_q9BaIdZHhlJExx6Ap80ulBIdRyb4DWiG_lHvLLrG41f9sdSYvZ2MMOsxUkDhoTWiYdECxjF7wJbAplrXDm7gWW_-cpdk_uC2Vbf1TGYtBxyqe5kmRQMo7_AB5mghCTiOFsg0VmFPXimk250LgNbMc3OMuLJDL7f0zWVjZFclaawup9ajlWgIQe2vq0F5PxVmdMFYGNt-Au5HP9QK5rWvYxd-W_WCV1A8AEidGXiLwE4AQDiAXi8Jy1TZAGAaAGTYAH39qGogWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIH2JpZGRlci14YXBpOjMwMjU2NDozQ2RodWt5NGZ5S2uACgSYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATlcvJFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaN34-ukyDIEjhtaW8udZe_xW23-M6P88tdFXwA4SbdxgUNTqk1Pe7mi3R3AX9DGAE%26sig%3DAOD64_0jPztKvKDEzMSrJfHGYPyHscv-Eg%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-CAZ_z7oq0NAuUl24Wb09RSMYd36qxByIR07cunYHFU8AzVGgE6aEljlp3qv8CN-neuygmksV28P_jE-RWuLFkvlDUAvgxKhzzMGZ0AZMrahSjINZfWmxBJFpZ7aDC0GPWOREeEr_mSHKTDz2dfeoCBdPxiNrcmt2VNDB-iHI2Trf3kwEE%26cry%3D1%26dbm_d%3DAKAmf-B_p3GdUfSGFC6e6P7ddQWgQzMQ_H-TvP6yIr8zcqOPkoF5L6g8zJ5M-0pQzVi55okXD5E7lF1a73IA-xJBYgwIuHcuDRuzWOm-nYzp2JT2iJyrdC5Z9f08NvcHSj1fPtBLhsR1dTVSYoCDS6Sdf34V149Ixz8uKfR817qbW8HjNIR5GIZX-l4OPDkqHV1_Qycd5e-cl74Cli9x1PEK6zdfXPWtHS8A-Qs2c1oW_YUHGPW5MbTnstLUhGqb-4n02_3IUHfE9WZUQYwu39NTfq94fkxW54645uELZE-mkpEZ7ai9omf5QhHlEIe7At2vtT_8tU1t9fpftlJiGISjmAFknk6jiMfm-gZ65UWdbinbYW52kG3U32-i_iMU4hikWLLmp9QYlbafRfMcgCvoCCepCTpyEkIJDPPEAV4LbspPKKUV12BPl8J_3WFgQSFNeuIGYuzwssABBojD2X43EVa_lm0HvOeDzQnQp_h3_-q-0I0wclwRGmFtnJLr6yb5mUnZrxJEMxc4ljQaAymMXoH-ryb59WI0fIoN2zgoT-zBYkMHNEk4fGPPQn7fFr8n0qrLrPqVD7xtuHvKzxhNX_2LarIhsg%26adurl%3D&documentReferer=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fskypost.ulifestyle.com.hk&random=4448063797848&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Thu, 23 Nov 2023 03:22:52 +0100
sync.js
ads54.adtelligent.com/ Frame 5122 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads54.adtelligent.com/sync.js?aid=694829
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
b1cdc0cf76bdaac07b1471ef56a34299aab7a6bc923b56fe7a36d86e81af8c0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
text/javascript
Access-Control-Allow-Origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1170
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 35A7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
100884
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
campaign
ads54.adtelligent.com/tracking/ Frame 5122 		43 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads54.adtelligent.com/tracking/campaign?code=2001&dae=false&cec=true&speedLog=true&adid=3699F258A16997BB&cmpId=538100&aid=694829&i_top_domain=https%3A%2F%2Fskypost.ulifestyle.com.hk&event=1
Requested by
Host: ads54.adtelligent.com
URL: https://ads54.adtelligent.com/display/?adid=3699F258A16997BB&aid=694829&cb=1807155687
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
campaign
ads54.adtelligent.com/tracking/ Frame 5122 		43 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads54.adtelligent.com/tracking/campaign?code=0&adid=3699F258A16997BB&cmpId=538100&aid=694829&i_top_domain=https%3A%2F%2Fskypost.ulifestyle.com.hk&event=1
Requested by
Host: ads54.adtelligent.com
URL: https://ads54.adtelligent.com/display/?adid=3699F258A16997BB&aid=694829&cb=1807155687
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
sdk.js
adsdk.microsoft.com/native-to-display/ Frame 5571 		91 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
vary
Accept-Encoding
x-azure-ref
20231123T032252Z-ttxx6t00kx7w5d6xe0kzza1ar40000000hhg00000000347r
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
551ad05e-d01e-00ca-4f09-14e0ef000000
cache-control
private, max-age=3600
x-cache
TCP_HIT
x-ms-version
2009-09-19
it
fra1-ib.adnxs.com/ Frame 5571 		0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fra1-ib.adnxs.com/it?an_audit=0&referrer=https://skypost.ulifestyle.com.hk/&e=wqT_3QLNCPBMTQQAAAMA1gAFAQiLi_uqBhDtk6P0-Puz2ngY1-Hvp8GhjqMWKjYJhmWmXaRuuT8RDHrEJRwpuD8ZAAAAQArX8z8hDHrEJRwpuD8phmUJJNgxAAAAwPUovD8wkrL0CTiUXUC1XkjjA1C6iYq2AViU_JEBYABo77arAXjAiAaAAQGKAQNVU0SSBQb0vQOYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOAC-b9a6gIiaHR0cHM6Ly9za3lwb3N0LnVsaWZlc3R5bGUuY29tLmhrL4ADAIgDAZADAJgDFKADAaoDtwMKzQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hMDQwNWQ2Mi1kMmRhLTQzYjYtYThjOS1kNmJjZTQ1MjFiMzUmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWEwNDA1ZDYyLWQyZGEtNDNiNi1hOGM5LWQ2YmNlNDUyMWIzNSZydHlwZT1udXJsJnRhZ0lkPTIwNzgxMzMwJnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9a25hcWVfM2NfcDJmX2NwJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhM4Njk3ODA1MzM5NDM1MjU2MzAxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EUXhPREUzTnpFM016TXpOak1qTWpNek5UazRNVEUzTXpBMU1qWXhOUT09wAPYBMgDANgDjZFV4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQYMmEwMDpjOTg6MjA1MDphMDA3OjI6OjExqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLqJirYB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAX_1eTC6Ni1qxyqBRAzNjk5RjI1OEExNjk5N0JCwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFyO5e-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwIgG0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Aef6AKKCEcKQwAAAYv6M6b4eLTP346Iye2Q49XGRBA-3hMMGRauZBENDRJqT0mAkbZt-IPWWn9fLpq_YIZ8uGM0lFekYDGVAuIfsekQAZUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=6612b063ecdbbc52c77f76949b61518dbdefce92&pp=0.0940
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
an-x-request-uuid
e6146d0d-ed37-4dc5-b924-e64754c796d9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/240/ Frame 5571 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Thu, 23 Nov 2023 03:22:52 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
652553
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-fra-eddf8230092-FRA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1700709773.912257,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
7, 846974
c.gif
www.bing.com/aes/ Frame 5571
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cae221c9-d02e-4166-a7a0-32a32837e08c&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=a0405d62-d2da-43b6...
  • https://www.bing.com/aes/c.gif?DI=0
0
547 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2a02:26f0:f500:6::216:5bd4 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: C326A033416744BBBE21D0C23172EE4B Ref B: FRA31EDGE0517 Ref C: 2023-11-23T03:22:53Z
x-cdn-traceid
0.94521302.1700709773.7c7496f6
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Thu, 23 Nov 2023 03:22:53 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5262CFF416A048349CF64317B6F3B8BC Ref B: FRAEDGE1719 Ref C: 2023-11-23T03:22:52Z
x-cdn-traceid
0.94521302.1700709772.7c7496c5
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
62
expires
0
fake_image.png
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5122 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/fake_image.png
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99c4977a696a30402208dfd301527aa731afb4c22613f748a516be8bfb1462f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-content-type-options
nosniff
server
sffe
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1597
x-xss-protection
0
impression
ads54.adtelligent.com/tracking/ Frame 5122 		43 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads54.adtelligent.com/tracking/impression?creativeType=&inViewEnabled=undefined&inViewEvent=undefined&inViewSec=undefined&width=0&height=0&cmpId=538100&nestedLevel=0&tti=151&ttiFromStart=24&isHeadless=false&adid=3699F258A16997BB&aid=694829&i_top_domain=https%3A%2F%2Fskypost.ulifestyle.com.hk
Requested by
Host: ads54.adtelligent.com
URL: https://ads54.adtelligent.com/display/?adid=3699F258A16997BB&aid=694829&cb=1807155687
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
sync.html
s.console.adtarget.com.tr/ Frame E33C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:242:57ce::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
44d18febe35cb8ac1fb4f8844ca2228cf1f7dd452d044ba1fba77c28e0180e71

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
980
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ssc-cms.33across.com/ps/ Frame 3935 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
server
33XP005
x-33x-status
2000208
/
ads.us.e-planning.net/uspd/1/ Frame C950
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
13 B
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
13
content-type
text/html
date
Thu, 23 Nov 2023 03:22:52 GMT
server
openresty
x-sid
AMS-929

Redirect headers

content-type
text/html; charset=iso-8859-1
date
Thu, 23 Nov 2023 03:22:52 GMT
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 626A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55976
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 03:22:52 GMT
expires
Thu, 23 Nov 2023 18:55:48 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame D9E8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame FDBB
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D754412%26extui...
  • https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
43 B
444 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Thu, 23 Nov 2023 03:22:52 GMT
Etag
ede0b672c2d525c2
Server
Adtelligent

Redirect headers

cache-control
max-age=0, no-cache, no-store
content-length
154
content-type
text/html
date
Thu, 23 Nov 2023 03:22:53 GMT
expires
Thu, 23 Nov 2023 03:22:53 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=754412&extuid=0000EEA
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
pragma
no-cache
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains max-age=604800
x-mnet-hl2
E
sync.html
s.adtelligent.com/ Frame A4EA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5237::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
38f1048becbf634666bdf693feb407fa12dc03c59a7e354b5a25a78db8a06353

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
976
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
X-Robots-Tag
noindex
sync
vid.vidoomy.com/ Frame 5122 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D556847%26extuid%3D%7B%7BVID%7D%7D
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
csync
sync.adtelligent.com/ Frame 5122
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D751004%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7991369511556427666
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7991369511556427666
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
Etag
ede0b672c2d525c2
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
an-x-request-uuid
65308d73-ab4b-4304-a71b-01c809251005
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=751004&extuid=7991369511556427666
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 5122
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D297253%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7991369511556427666
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7991369511556427666
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
Etag
ede0b672c2d525c2
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
an-x-request-uuid
d3b6216e-8bf3-41ab-8992-fe71187e62b3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=297253&extuid=7991369511556427666
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 5122
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent
  • https://sync.1rx.io/usersync2/rmpssp?sub=adtelligent&zcc=1&cb=1700709772992
  • https://ad.turn.com/r/cs?pid=45&rndcb=5482957649
  • https://sync.1rx.io/usersync/turn/9174116025982367635?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D541630%26extuid%3DRX-ac98bcf3-e919-4e26-b540...
  • https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003
43 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Server
Adtelligent
Etag
ede0b672c2d525c2
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=541630&extuid=RX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003
date
Thu, 23 Nov 2023 03:22:53 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXac98bcf3e9194e26b54051c6d66e7382003
content-type
text/html
csync
sync.adtelligent.com/ Frame 5122
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D584890%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7991369511556427666
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7991369511556427666
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
Etag
ede0b672c2d525c2
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
an-x-request-uuid
62948b29-bd19-4051-b3ed-aa36c4c0f077
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=584890&extuid=7991369511556427666
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
csync
sync.adtelligent.com/ Frame 5122
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr={GDPR_APPLIES}&gdpr_consent={TCF_CONSENT_STRING}&us_privacy=&cb=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310531%26gdpr%3D0%26gdpr_consent%3D%2...
  • https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
Etag
ede0b672c2d525c2
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://sync.adtelligent.com/csync?t=a&ep=310531&gdpr=0&gdpr_consent=&gpp={gpp}&gpp_sid={gpp_sid}&extuid=
date
Thu, 23 Nov 2023 03:22:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
pixel
ap.lijit.com/ Frame 5122 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D310570%26extuid%3D%24UID
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 03:22:52 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
csync
sync.adtelligent.com/ Frame 5122
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7991369511556427666
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7991369511556427666
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
185.83.71.234 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
Etag
ede0b672c2d525c2
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
an-x-request-uuid
9bdfe568-a536-4ef0-ae58-96b34fd2aaea
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=7991369511556427666
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
speed
ads54.adtelligent.com/tracking/ Frame 5122 		43 B
355 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads54.adtelligent.com/tracking/speed?network=72&queue=12
Requested by
Host: ads54.adtelligent.com
URL: https://ads54.adtelligent.com/display/?adid=3699F258A16997BB&aid=694829&cb=1807155687
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
PugMaster
image6.pubmatic.com/AdServer/ Frame 626A 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=37887435&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-length
0
th
www.bing.com/ Frame 5571 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.7559548859346_1UKU76M808M5VQRJNM&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f500:6::216:5bd4 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
6a7617bd8b5dca30224acbfed56b2e3aabf2c6fb6f83b70c875f57ef0ad76bd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid
0.94521302.1700709773.7c7496f4
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
15469
alt-svc
h3=":443"; ma=93600
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6BE4 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
67507
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 03:22:53 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
453, 390422
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230112-FRA
X-Timer
S1700709773.035020,VS0,VE0
rd_log
fra1-ib.adnxs.com/ Frame 5571 		0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/rd_log?an_audit=0&referrer=https://skypost.ulifestyle.com.hk/&e=wqT_3QKNBfBMjQIAAAMA1gAFAQiLi_uqBhDtk6P0-Puz2ngY1-Hvp8GhjqMWKjYJhmWmXaRuuT8RDHrEJRwpuD8ZAAAAQArX8z8hDHrEJRwpuD8phmUJJNgxAAAAwPUovD8wkrL0CTiUXUC1XkjjA1C6iYq2AViU_JEBYABo77arAXjAiAaAAQGKAQNVU0SSBQbwyZgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEJ2AEA4AEA8AEA2AIA4AL5v1rqAiJodHRwczovL3NreXBvc3QudWxpZmVzdHlsZS5jb20uaGsvgAMAiAMBkAMAmAMUoAMBqgMAwAPYBMgDANgDjZFV4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQYMmEwMDpjOTg6MjA1MDphMDA3OjI6OjExqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLoB7fBJ-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAX_1eTC6Ni1qxyqBRAzNjk5RjI1OEExNjk5N0JCwAUAyQUAAAAAAADwP9IFCQkFC3wAAADYBQHgBQHwBcjuXvoFBAgAEACQBgCYBgC4BgDBBgEhNAAA8D_QBsKNBNoGFgoQCRIZAXAQABgA4AYB8gYCCACABwGIBwCgBwHIB8CIBtIHDQGrBQEBJgjaBwYBXvBtGADgBwDqBwIIAPAHn-gCighHCkMAAAGL-jOm-Hi0z9-OiMntkOPVxkQQPt4TDBkWrmQRDQ0Sak9JgJG2bfiD1lp_Xy6av2CGfLhjNJRXpGAxlQLiH7HpEAGVCAAAgD-YCAHACADSCAYIABAAGAA.&s=28561db964d46f1a4fa9ffe56d4ca29d5224c2d4&bdref=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F&bdtop=true&bdifs=3&bstk=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
an-x-request-uuid
8ccd7080-2e79-4e8a-a065-68ca15ad8598
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
s.console.adtarget.com.tr/sync/ Frame 28DC 		0
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=none&refer=https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=755289
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a01:4f8:242:57ce::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.console.adtarget.com.tr/sync.html?aid=755289
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.console.adtarget.com.tr
Connection
Keep-Alive
Content-Length
0
Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
s.adtelligent.com/sync/ Frame 1CE7 		0
266 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync/?aid=651796&gdpr_source=none&refer=https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5237::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.adtelligent.com/sync.html?aid=651796
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://s.adtelligent.com
Connection
Keep-Alive
Content-Length
0
Date
Thu, 23 Nov 2023 03:22:52 GMT
Server
Adtelligent
X-Robots-Tag
noindex
vevent
fra1-ib.adnxs.com/ Frame 5571 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https://skypost.ulifestyle.com.hk/&e=wqT_3QLNCPBMTQQAAAMA1gAFAQiLi_uqBhDtk6P0-Puz2ngY1-Hvp8GhjqMWKjYJhmWmXaRuuT8RDHrEJRwpuD8ZAAAAQArX8z8hDHrEJRwpuD8phmUJJNgxAAAAwPUovD8wkrL0CTiUXUC1XkjjA1C6iYq2AViU_JEBYABo77arAXjAiAaAAQGKAQNVU0SSBQb0vQOYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOAC-b9a6gIiaHR0cHM6Ly9za3lwb3N0LnVsaWZlc3R5bGUuY29tLmhrL4ADAIgDAZADAJgDFKADAaoDtwMKzQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hMDQwNWQ2Mi1kMmRhLTQzYjYtYThjOS1kNmJjZTQ1MjFiMzUmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWEwNDA1ZDYyLWQyZGEtNDNiNi1hOGM5LWQ2YmNlNDUyMWIzNSZydHlwZT1udXJsJnRhZ0lkPTIwNzgxMzMwJnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9a25hcWVfM2NfcDJmX2NwJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhM4Njk3ODA1MzM5NDM1MjU2MzAxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EUXhPREUzTnpFM016TXpOak1qTWpNek5UazRNVEUzTXpBMU1qWXhOUT09wAPYBMgDANgDjZFV4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQYMmEwMDpjOTg6MjA1MDphMDA3OjI6OjExqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLqJirYB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAX_1eTC6Ni1qxyqBRAzNjk5RjI1OEExNjk5N0JCwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFyO5e-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwIgG0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Aef6AKKCEcKQwAAAYv6M6b4eLTP346Iye2Q49XGRBA-3hMMGRauZBENDRJqT0mAkbZt-IPWWn9fLpq_YIZ8uGM0lFekYDGVAuIfsekQAZUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=6612b063ecdbbc52c77f76949b61518dbdefce92&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=157&sid=5073649821559241344&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20781330&sw=1600&sh=1200&pw=300&ph=254&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
an-x-request-uuid
5bbdc43e-5291-4080-b52e-77b7d7c3e1b4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 6BE4 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11924&pub_id=1929161&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
an-x-request-uuid
c6a39fb3-8391-4515-993c-311f5ba22899
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
request_content.php
hal900021.redintelligence.net/ Frame 0294 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request_content.php?s=95876400007913810115215012517021&a=59e208ba
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
55235a5c4a15bb1ca9d9d93b9ad4a6ffcb22fc63bf60aa4054f64fb9e0f626c6

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1504
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 03:22:53 GMT
Expires
Thu, 23 Nov 2023 03:22:53 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6A55 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 03:22:53 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
rd_log
ams3-ib.adnxs.com/ Frame BC25 		0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&e=wqT_3QLsBKBsAgAAAwDWAAUBCIuL-6oGEIm5_cj6pcmbRhgAKjYJuB6F61G4zj8RuA0JJBkAAACA61HwPyERGwApEQkQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4nPUFgAEBigEDVVNEkgUG9D4BmAHYBaABWqgBAbABALgBAMABBcgBAtABANgBAOABAPABANgC6hDgAr6DXuoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDjZFV4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzM6gEALIEDwgAEAEYygcgWigAMAA4ArgEAMAE8vS5IsgEANoEAggB4AQA8AQAiAUBmAUAoAWOydyGpdCYzGHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWkyR76BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9oGFgoQAAAAAAVBDQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAec9QXSBw0JDSUFJgzaBwYIBQnwa-AHAOoHAggA8AejIIoIRwpDAAABi_ozpvhGNyUvqR9ciaxSKIK703wzLHHjfakHtYT7VIu6DM4KFIqSiB9-RKTH_ZJ3jnp5yt4jXz4q_f2vVX8XrRABlQgAAIA_mAgBwAjqENIIBggAEAAYAA..&s=f00c12d1a58d6e1fa60f49691df37db0b3c11607&bdref=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
an-x-request-uuid
7ec59785-d440-4c03-b5d5-b53ca7178ea5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
init
gw.geoedge.be/api/ Frame BC25 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:53 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
ssaxsqvuFPzdqqoOveMvsGDBPHXYvn_mJ5yD-BrkFfWUszc3kKBscw==
x-cache
Miss from cloudfront
vevent
ams3-ib.adnxs.com/ Frame BC25 		0
698 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&e=wqT_3QKdBaCdAgAAAwDWAAUBCIuL-6oGEIm5_cj6pcmbRhgAKjYJuB6F61G4zj8RuA0JJBkAAACA61HwPyERGwApEQkQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4nPUFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAr6DXuoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMuGhM1MDU5NTUzNTkzMDA1MTM3MDMzKgdydWJpY29uOg4yMjQ5OjUzMzc4MTk0MsAD2ATIAwDYA42RVeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBA8IABABGMoHIFooADAAOAK4BADABPL0uSLIBADaBAIIAeAEAfAEAIgFAZgFAKAFjsnchqXQmMxhwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMke-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_aBhYKEAAJPxUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHnPUF0gcNCREnASYM2gcGCAUJ8G7gBwDqBwIIAPAHoyCKCEcKQwAAAYv6M6b4RjclL6kfXImsUiiCu9N8Myxx432pB7WE-1SLugzOChSKkogffkSkx_2Sd456ecreI18-Kv39r1V_F60QAZUIAACAP5gIAcAI6hDSCAkI____PxAAGAA.&s=16319ec38da5ba5913008addfc1cedc789a61efa&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=90&sid=5073649821559241344&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27175875&sw=1600&sh=1200&pw=728&ph=94&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
an-x-request-uuid
5aec1f13-6c4d-4cc0-9ee7-aaa7ae9e8d08
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 6A55 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64187
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:40 GMT
/
track.adform.net/adfscript/ Frame 0294 		732 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=69427185;click=https://hal900021.redintelligence.net/c/plz9j5sm1c8iqr3?tprd=
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=95876400007913810115215012517021&a=59e208ba
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
713b8d605d9725a62dfff943e853161569f900a8620e254b47977245a21171f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
532
expires
-1
viewability
hal900021.redintelligence.net/ Frame 0294 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/viewability?s=95876400007913810115215012517021&a=9152852c&vb=m
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=95876400007913810115215012517021&a=59e208ba
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/request_content.php?s=95876400007913810115215012517021&a=59e208ba
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 35A7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BMj8NjMVeZceEKJemjuwPusyGqAYAAAAAOAHgBAI&bg=!6eql6qXNAAZxrfrxUa07ADQBe5WfOKkXagSpQ5cwWbEp_hUJjHGAS-ankxdGbQ3IeKfRntEJjmuzKGd76TcMZu__4_uiAgAAAK9SAAAAAmgBB5kDXaqtwMsV7rp9QxRoTc7pUygsECYCoo42lbXI-YEDT65wM2QwxD1QYFuSazKDGNEpaGgJSMLXL8qx_p0MT_HGYXmRQ3LITRj5xCOyVC-M-5dAJDrMxuY-Rr2Zu5CYGgG2EQwbX-aLEUFKp6qjjwcMmNeyc6b0B6Ck1F3CE1FTiX4-VsXYVfnJjI_0t8zEKbTzyiNuVEqQY6D3QjpkHXrqXFrjJWcAWFWTXsDzzch0aj74BHa9YUfUg6QB_AVcf1zca7dSD3ZQ24XlOumaWZGJod2OWCQOOPLb-CGW14l5twYuheb551j01FQEHhCK38FPurW7lZps3CraUpDqW2T3FB-d9jGaZMY47N4ttTOP8t-zk_vRd_94dEZS3q5HYpDTHYQYN-EMT8AAAaR12c49zlhY0G-k2NZrWtdRxX01FwQ1pMy2WvUfeaN1blOXbjPceq0JG99AYS3KD2CsSqpvH_f34QXjX1MBp0q3sT2SIWlkavw9bLPs42zxEmuYDDlv156AHuEI6REgeY_NTlzSqdOt-5k7cKIQ5bViQMjzWc_C7gpEpHV9AIrI7Zyj_sLHyBYdslMD9gfe89JgwSDsIfem3Cd9DRCNdtIMaYZSQRix8YWDDF_uYX4KyEFzX5vRQSFstEYoVgUcEob2PQD2Y2pmTWXUTwg9BVOs3UsPT3AxBHPg6WIW0fRIBymMYn6wlKpI4wPXSXjKZurBx-LjJ3IgHytYyGT590Fu81qI9UIDyC-QPF-Wmh5VByyxsvF0q7ydr9oCu-XH7UIiRLtTAOTM2wQ7PrF0i8XDhejDpmJ-kH8GJvzjPaMLYSPlUna527WAH62eyEzO-jb2xSAiTFg6mu77QCWWzwHZvNrz2w-TUHue7qEFpX4c6lbffluy0IzJisL0q-OWWW4kyVLngUdA9kh-GvzUcodF3Yurx27pBLvTYtCtrz73dBKo4k1s64_aT5iBvvrjGWe5i0fI-gRq8gYB8i3vXskQX9o50x67Y-0RIBL0OSAmCoY88qoHGHHcM3ypiuTrRSyvzWvW99n9v-rbty_xQ3cYMOyM2ujkhYq4qPkQdEBMEuXd1sdWkEPg8eZeLYl1BpjfoFlhuklekN4kfpiODYSD8cRi13FxePB-1zFs86HuhoK2vw
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 6A55 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 0294 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69427185;click=https://hal900021.redintelligence.net/c/plz9j5sm1c8iqr3?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=569039903657873&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=21751243814%3A183518426%2C222913-300-250-15&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&didk=1585714553&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd99d1b6563fc9bfc%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MYDU_TML-Ek6t8eK8e6Boe8HJL4LQ&gpic=UID%3D00000cd89979a03b%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MaarDuukHbRQr1v6TQrHobzRdUQBg&abxe=1&dt=1700709773225&lmt=1700709773&adxs=494&adys=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=300x250&msz=300x-1&fws=4&ohw=300&psts=AOrYGskMurQZiChUeTXsXh-SFSzrONJ3RjSjnc7GLRQxWAwJiWsCgc-4pI1VV9ZEgURZ0RLKEoOF4j4NJ8OVJq5xYkRvMglf3zw%2CAOrYGskIS98r6q_N0WnShcbl_cfM_LGqTBQzRygQN1t_-k-DcZ9PLRp4VQ4AECOAgiOR2ErBFrLo14qipIyRhLSZHj6dFidG_L4&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0MjO0b8xSABSAghkEhkKCnB1YmNpZC5vcmcY-MjO0b8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM_IztG_MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSalJ1TjB3M05URlRTbUZ0YVZweFYwbzNjbmd4VVQwOUluMD0YtcvO0b8xSAASGQoKdWlkYXBpLmNvbRjQyM7RvzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNjJztG_MUgAUgIIag..&dlt=1700709768198&idt=2089&prev_scp=prebidtrue%3D0%26refresh1%3D0%26adl_dis%3D-1%26hb_format_getapp%3Damp%26hb_size_getapp%3D300x250%26hb_pb_getapp%3D0.06%26hb_adid_getapp%3D140e0528fe21a2b1%26hb_bidder_getapp%3Dgetapp%26hb_format_adtelligen%3Damp%26hb_size_adtelligent%3D300x250%26hb_pb_adtelligent%3D0.12%26hb_adid_adtelligent%3D1472acac1044abb3%26hb_bidder_adtelligen%3Dadtelligent%26hb_format_projectago%3Damp%26hb_size_projectagora%3D300x250%26hb_pb_projectagora%3D0.18%26hb_adid_projectagora%3D1425259bc6a5c13c%26hb_bidder_projectago%3Dprojectagora%26hb_format_abmxandr%3Damp%26hb_size_abmxandr%3D300x250%26hb_pb_abmxandr%3D0.02%26hb_adid_abmxandr%3D1388e40740cbe188%26hb_bidder_abmxandr%3Dabmxandr%26hb_format_oftmedia%3Damp%26hb_size_oftmedia%3D300x250%26hb_pb_oftmedia%3D0.02%26hb_adid_oftmedia%3D144db9d3745135ab%26hb_bidder_oftmedia%3Doftmedia%26hb_size%3D300x250%26hb_format%3Damp%26hb_pb%3D0.18%26rtb_pb%3D0.18%26hb_adid%3D1425259bc6a5c13c%26hb_bidder%3Dprojectagora&cust_params=adl_ip%3Dadloox-dc%26adl_ok%3D1%26prebidtrue%3D0&adks=1439915813&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14597c12750ea6b0b8c8850329a57f144bb2eb672d1877e7821775f08a2b3601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12959
x-xss-protection
0
google-lineitem-id
5017564534
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138265691450
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
469 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&pid=ERiORgkuqC9LQ&cb=2&ws=1600x1200&v=23.1108.2350&t=3500&slots=%5B%7B%22sd%22%3A%22andbeyond9702%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F21751243814%2C183518426%2F212365-970-90-2%22%7D%5D&schain=1.0%2C1!andbeyond.media%2C11406%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
N8HDAVZRH387H1BPMRDN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
ROQalcCOd1hIbEIF2nsuMP2zPUOJmB_MM6hCVN3XDCAaQ3euQseqpw==
/
prebid.smilewanted.com/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82a64a535f7765b0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
server
envoy
vary
origin, Accept-Encoding
/
ghb.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5241::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
a61ca2cb7c77299959a5d21d96023b4d44ae106071ef64cd2416cc9953ae1895

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1116
v1
prg-apac.smartadserver.com/prebid/ 		171 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 23 Nov 2023 03:22:53 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 4 inventory rules not found for mediatype: banner and adUnitCode: andbeyond9702
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82a64a536e3b363e-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		378 B
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=407386&zone_id=2284406&size_id=2&alt_size_ids=1%2C55&rp_schain=1.0,1!andbeyond.media,11406,1,,,&eid_pubcid.org=44601fed-0484-4e06-81c4-7b85af44d44d%5E1&rf=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tg_i.domain=skypost.ulifestyle.com.hk&tg_i.page=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tk_flint=rtbpbjs_lite_v7.54.5&x_source.tid=0a27fc1f-c2cf-4efa-b603-dcdf8818e88b&l_pb_bid_id=159a6f0396db349a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=0a27fc1f-c2cf-4efa-b603-dcdf8818e88b&rp_maxbids=1&slots=1&rand=0.3203867110643248
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
67172680649ba6635cfd212de449379353aac8085e681d279c4c8383875d0b18

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
378
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e82857f2c6dd45cf085dcec7fe5623a0350da2f98f49ad67290741697ab2e110
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
an-x-request-uuid
0a9d5496-6634-4d02-8273-1b96eb09cc99
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
457b9b529dcddccad8ec9362d757b4556b85d4a58f220116d63053dd65c932a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
an-x-request-uuid
a73c7273-7f7e-4709-98c7-9aec8a985eee
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		0
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=37708074620&lsavail=1&bundle=bXmsI19WJTJGOEVKc1hQZVRxSHRYNEFDWUJQS2hsa1owQmc4ViUyQllaWmhRUUVlU2cxNGs0MU0wUGJkWkNTV3pvS05VaEM0ME13dkkxZVN0YjRJSUQ4WHhEbUZiZFlFVG9aeExYN09SamZRWmJBdlZXdm1sSzFTa1RlUEFXeFBYMVRpVCUyRmwzTXJEOWh5OTUlMkZLTVZCJTJGU0dPcUUyQk1GSks3TlpKTTVSRlI2UHJtUDIlMkJmcTQlM0Q
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:53 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
bid
ap.lijit.com/rtb/ 		25 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
34956363f00922beb753859cb7dd0cf747f7ddd404bc740ff5a271bd9296bcc7

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
92df7257fe7419c603a77c761dca5040f9709e9b7a10aff316c9cbe52687417a

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:53 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
prebid
prebid.media.net/rtb/ 		338 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
cad7ae6fedb8a4e8995da0b3858c27428768d0078d56359a2d2e26331e613a66

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 03:22:53 GMT
header
hb.aralego.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-D23E2BEE44B68B320DD32DD8D7BAA677&tdid=&schain=&eids=&pubcid=44601fed-0484-4e06-81c4-7b85af44d44d&u=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&host=skypost.ulifestyle.com.hk&ucfUid=25d79635-eb14-494a-b0f1-d2c0b49dffa2&w=970&h=90
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Date
Thu, 23 Nov 2023 03:22:52 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid-request
onetag-sys.com/ 		15 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		25 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.246.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-246-226.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e9ce486b1b192d6f873475440598b5459986647368e95983222ef97778748abc

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
bid-request
rtb.adpone.com/ 		784 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=12272312193086
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a999db52b0dbdbbb664ad9db1e747ac1aa6071fb0032b3c1b3f9386fdaa03d4f

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYhjyH%2FtR1XGxQDcD6bNip9l1teNoCd2cMurfeUUbTbQ0RbqkJmbzstkFog8RYwAAu2YS8f63Sqhp9XuMKbDIdINUZjaYypDk3UB1VoJbocwlifFUg8ypM8HVXzUep39IkluaPHLmOepiCA9"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
cf-ray
82a64a537c9371a9-FRA
prebid
ib.adnxs.com/ut/v3/ 		23 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
1e62bf3991551fdbcb9d0855ed93536078ad9754e9c2354e5c40623369d6ee5b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
an-x-request-uuid
82c86a2a-7838-4b02-8ff0-98b1912f0f63
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&pid=ERiORgkuqC9LQ&cb=3&ws=1600x1200&v=23.1108.2350&t=3500&slots=%5B%7B%22sd%22%3A%22andbeyond7281%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F21751243814%2C183518426%2F212365-728-90-1%22%7D%5D&schain=1.0%2C1!andbeyond.media%2C11406%2C1%2C%2C%2C&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.9.235 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-9-235.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
61HMNSQ61E7YS04STAQE
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
54hfIqfAoeRryW5uX1reFWe7rx22xY3l7O7uF_eeKi_OP2MLPaCS9w==
/
prebid.smilewanted.com/ 		0
36 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82a64a538f9065b0-FRA
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
c
prebid.a-mo.net/a/ 		0
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.66 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:53 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
12
server
envoy
vary
origin, Accept-Encoding
bid-request
a.teads.tv/hb/ 		16 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.21.51 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-21-51.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Thu, 23 Nov 2023 03:22:53 GMT
/
ghb1.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a0c:5c87:5239::2 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
58731c790dda2344ce5c8624304a666109685afdb7c7afebe91be0878c04fe9c

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1119
v1
prg-apac.smartadserver.com/prebid/ 		171 B
567 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
210 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:994e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Thu, 23 Nov 2023 03:22:53 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 3 inventory rules not found for mediatype: banner and adUnitCode: andbeyond7281
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82a64a539e54363e-FRA
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		377 B
411 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17054&site_id=407386&zone_id=2284400&size_id=2&alt_size_ids=1&rp_schain=1.0,1!andbeyond.media,11406,1,,,&eid_pubcid.org=44601fed-0484-4e06-81c4-7b85af44d44d%5E1&rf=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tg_i.domain=skypost.ulifestyle.com.hk&tg_i.page=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&tk_flint=rtbpbjs_lite_v7.54.5&x_source.tid=73b86a3c-7ff0-4a40-928b-d06b1fca4bdf&l_pb_bid_id=20080e9263097257&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&x_imp.ext.tid=73b86a3c-7ff0-4a40-928b-d06b1fca4bdf&rp_maxbids=1&slots=1&rand=0.7420778478569541
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
953a10758050b38f4a96c3672ef06affcb792176bc3bc457ffbd38d8ef193b1d

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
377
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:52 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7aa4efac2e732b308af59d7b8debb27dd2c07ec78a6d7e50b7287187312ce026
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
an-x-request-uuid
cf5948db-2ae9-4008-9ea3-d1ab77ea6334
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		14 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
14cd90dc210dc1bbfc534d5306028e3720dae279385da08eeb52f6d6ec131539
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
an-x-request-uuid
18ff4915-7251-4571-9e4a-85135d0e220e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
adjson
ads.betweendigital.com/ 		2 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=7.54.5&cb=27574062110&lsavail=1&bundle=bXmsI19WJTJGOEVKc1hQZVRxSHRYNEFDWUJQS2hsa1owQmc4ViUyQllaWmhRUUVlU2cxNGs0MU0wUGJkWkNTV3pvS05VaEM0ME13dkkxZVN0YjRJSUQ4WHhEbUZiZFlFVG9aeExYN09SamZRWmJBdlZXdm1sSzFTa1RlUEFXeFBYMVRpVCUyRmwzTXJEOWh5OTUlMkZLTVZCJTJGU0dPcUUyQk1GSks3TlpKTTVSRlI2UHJtUDIlMkJmcTQlM0Q
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
df10add3a056e9782c3cd7aa922faeb823b115c6d5d268d0ce5b6ce9f6103f5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
bid
ap.lijit.com/rtb/ 		25 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.54.5
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
0273be73e95a39baf357cb835560edd63cabcd9f3d36c31e4df2afb3850afbe6

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
915acac60a9d3a9958f6f694627cb4e9544a8fc4b6f6682e39403351f47f1d7c

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:53 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
prebid
prebid.media.net/rtb/ 		338 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUO7Q43N
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
d6ae1c5098bdfb081fd5af77fdc4fc796b3b527f709df92f981b8047be5f0e08

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:52 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 23 Nov 2023 03:22:53 GMT
header
hb.aralego.com/ 		0
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-273A79AA67429ED8182DBA83968D24D6&tdid=&schain=&eids=&pubcid=44601fed-0484-4e06-81c4-7b85af44d44d&u=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&host=skypost.ulifestyle.com.hk&ucfUid=25d79635-eb14-494a-b0f1-d2c0b49dffa2&w=728&h=90
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://skypost.ulifestyle.com.hk
Date
Thu, 23 Nov 2023 03:22:53 GMT
Access-Control-Allow-Credentials
true
Connection
close
prebid-request
onetag-sys.com/ 		15 B
421 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
hbjson
grid.bidswitch.net/ 		25 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.246.226 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-246-226.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c4d5ad77746a43cc1676c326895402cc114de12d95933c21232f464d11554039

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
50
bid-request
rtb.adpone.com/ 		816 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adpone.com/bid-request?pid=122723121923147
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:a19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2b77642f39477b49659afff1b91b1fe79ee17709151e47a97814552a455d5b2

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgbKtZGyNBLlYNBGr%2Fm2vMQ84GltNVbWlINbLNCnNktoDU5GgsTBlSxhPYpftzp6NVfFojfa%2F8Djk%2FRvep3SMAyIpF6QEZOe2lFg78YnHuAePYpSP18%2BMjrcq8DMV%2FVeLoEaVqO4d25xhAdh"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-allow-credentials
true
cf-ray
82a64a539ca771a9-FRA
prebid
ib.adnxs.com/ut/v3/ 		23 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
9caea9b15fdb674a6de13762e5434fb4e510aac8013f9977fbe40225c039f17a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
an-x-request-uuid
ae341cbc-5b15-4a1c-aa32-c442514bda4c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfserve/ Frame 0294 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=69427185;click=https://hal900021.redintelligence.net/c/plz9j5sm1c8iqr3?tprd=;js=1;adfxid=1x;7952;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fskypost.ulifestyle.com.hk
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
4e26774c8b30fc06ede8cef9ee5f20d4f450103149a820b45de770ff1bba8ceb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1979
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311090101&jk=3272521849198029&bg=!UVKlUh3NAAZxrfrxUa07ADQBe5WfOM-fXu-ZtbAuVsjNMIRV1h2J5ks4dQtngKKpAbnNRY9HtO6CTWw1r7PHUSyGFwVuAgAAAK1SAAAAAmgBBwoAo-QOU3jpe0cdaZwtGInKNOg3aAQ_U25NhhJ_MpAyB2NWr8sNXpxuGbgvjWGITedHHYVLPc6VY10tG0gTCS0ykE-DAfk6vrRSERCTVI1D7Fjg0yk1ZlYVY3C4K61qYgrt0DgVZB8ZDJbyMxV68S1ChwzPFi4_GUwYZVvsscB5SAN7bhitZ4D0nFPgZjTKIJHrx9pB0kqosN16euHS55Kgng2uTO2ZAswfrX3hfkTr7WoUvlh9WctVNLh1J0O0NhJ8Pkh8s2Pcjx_wwp8AgmOAzznCW1rbmuoEId0QS4xtatH2HPK3bAPP5rZ_9sAlxSIqqrG0VnGwfT68fcRA_rRd9W47k1yKKAyQsZazoflHlMlorHn2mhfj8GVd6HTcsiMJhIPo20DCMhhRKchao1jB6mh8Q_mzhOoHuOI2M8koFQQY7BGhsKmT34ZlE1NWICh4LG8Pb-j7ynBrtp4-jMuSHWx9N1smYlkxdSJ72De1dVtxntx6zDS2I8yv3p-W6bdARu9i6pH9tqoY4HtdoW8KgIvbjnV3eWlu1p00pImg1jVB-Ist5lpGFIB7i6GGHuitOsM_W_1AUiQTifxCx4c7JlvW1YtrcEYQgp5S5-T3VXJ4rmd3Kg8XRctMk6WZoDq7fyBH97gIN9VqjJqIbmzob2ur-8e4Td9EtPq2EG39jo7aIr_d85E9ttZUetB0bHA7jcB-Ba4fHG4WX_uVPxoiaNQbtMlTHeUA2Qdz0CY6tZ8rH0nmxnEKCjS6wZ58P1LAwl9HbgS1YGC-IPqFxxKzw8jQJeHRo5pomR-UkNqANdvq-dq3fZkDgPba_uZz7eFfYN4YaMP-Dqb5wpQ7dsKlffwmrol8P0UZVwT5Y5icgEoc53mLLM-TucGaQ0VyhT7r2vJCQ36MQt-d5iab1bIBRPRikUfTqqJ3migWFeb-zQaEAyswmutlrQnrbFqw7zyQBKXniMlPfqiLmkohJMDE-jL1IVCvT6q-UtHRqVfKbve-vEvYbuLyLhvtvkYyFXlUEU5tAXGtIrTI8-ZXXvEFUrJS2sWiz2aAVqM3MeGaFSKd9r8WSEmeAq4QXh1nlAT5RNPR08iZLieH1SXvxQQZZ5ASKqLRq1xl0cxZ_azx59AtQg0EgzTX3HtSsDk6-2SATAaFgZ6gUQOEjUo6pMbVKqkMog
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
truncated
/ Frame 0294 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 0294 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
container.html
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7782 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:50 GMT
expires
Fri, 22 Nov 2024 03:22:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame DB53 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssgzPlxMtxrIrut00OZrZsXvJ3gKr4WLgG9hV0ptLYz1MlmFGVayrPhufTudqofbZYlpKahjlz9xqqrJ3CBa1vv9J6cQIsvdPXIfF5L0koZEcBDK3LkpChm1raoljk-CP59UUO5dvxxHE_ExTMijawwyJgEkH2zIqr3bIdtT02xA0DjZnXYNhXNdrAJsaPHRvFGOd3SWBrBTE-w4sFDVgLhjUf5G-DqEhxm0Tshj6_UiUIzNLBjCyVNQx3IbGBMwMuULJTSbIR3LC_Hz8X6j50W-Z7-69Q83FG2fhMje-PGNRWVuxZVyDUTX7DVxR9oyxdlAenkfRYHPc0c3FUZDgeCsdJGxWCS9SCqGmv9n2PfjP7qlEiyloyqihMgPWS7ZU4&sai=AMfl-YRaLDhB_HXVsQ0DRaUpchidT9MY9JvEvmh3vRztnjk3OKo2KhpPi7QBttcr0Qgy53a1YJ-n13mXShcW7rKg4o3baXGukxHV-WupifX0W82PvYsJUkUfJm-FnnRjKXY&sig=Cg0ArKJSzN80cxJSfhO4EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 03:22:53 GMT
grumi.js
rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/ Frame 7782 		596 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f7a97ee90e3bf0d416db4ef3985282a52d6b13b41d8b0d89a22f4baef188198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-amz-version-id
0JQDHGo3POVU8V3JnG0OKnZc_UxWgL_n
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:37 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"9c5082ded7990ce8b1325b69f7892c1a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
1
x-amz-cf-id
mR4Gg5u5l0Pubs5jq7l40kKmKOj4PQmCxXv04dTuIXaoTNy2uKsjzA==
/
track.adform.net/csimpr/ Frame 0294 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=69427185&csi=p0nEJ5BfT7_B9SDvBeAM2Wxab6EHJ2mE6qz3ddpFjcjrygPkIxxfk2SlJSGhwD2_f6RUMfTvNYpGr71KvqvuWd6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900021.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900021.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
13883523.js
s1.adform.net/Banners/Elements/Files/169192/13883523/ Frame 896B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/13883523.js?ADFassetID=13883523&bv=258
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d325bb803508ac6f1621fb0c146c3335fc21955f1cec21dd275d09082a31c40b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000001d6087b563597abf-00655712ff-3295cc06-default
etag
W/"6b2947fca138ab4e7b05caaf3f7f9f74"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7782 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
533155
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 7782 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4244
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230128-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M2QOmM1%2Bp4LSkEMkyTwCJVSPNNpgSznx4IDxKAYxM8m0%2BfFqoOlwurWb9mbo8AQnDuT8NRtCeqXn3BuR0ojMBtxa2aifx1GelkaVj0OznDH4l71rf4wd82zZ0Q8aPTMfLXL%2FV5BhPHDt6X5%2BljQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82a64a552a859247-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 7782 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7782 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsszmpSxWZMWkwoSxYuQNB3D1cy2VwjvTlDHGTdH3utt3iiRMZLClibQNxqPf8-rQepwS8d3E2OiZZiSmMT4Mzgiaa_wkxsVHLSB3Ffu5LZjVEW2ijAx_DUD-Uq6S3L2OR7JVy0vpXklPGvUhWLKctt3yxq5DUhhzaY6eVB5uBDKTwIxk42JjfUKCeBQwEEJ8-NZk7dYGwm20IijOoV-O3Bqo5iXzbDgQlABhYruOs-cMFwdnsfjYIzl-4HmJxRN43NYHgTnWO54ITKSBPYhFiDSXzkM1xn3teEoYv1NROL87JprWwn4Lru_YoEM-A5Cjs6LYSj__pV9dGfmkzVXy0J0Q6ekcIwUBaMkfXB9Ub_GCKB07wKwvZPruGQOLdvSdQc&sai=AMfl-YQkNJpdD78OcRyMzXpRe135e0lLwyBbdx8FE4BLqxFdI3tssSafYe2o6o147qkZXbDA4kkungpQWmHT0Hx_XnWmSO0ch4ygwADqddf3bcCxIk3sBSRJ_xC-pl93QLQ&sig=Cg0ArKJSzBSD6bcY6ZXaEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
screen.css
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		1 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
13320bdfeae996f2492e02fb11715081b75a38637294875407b3e761a763ddb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx000000decbe7e2be9da5a-00655712ff-3295cc06-default
etag
W/"2adec2f1a53f84af8e31966b37a7996e"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 896B 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 08:14:37 GMT
server
nginx
x-amz-request-id
tx000003200605ea56ced66-00655c671a-32959ea8-default
etag
W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		183 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1ea1bea920eff31ce7a0b188ed36f593ac1a6c4204b715cf3f788da4837ee8ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000436ada0eaa79bf70-00655712ff-329552a5-default
etag
"c926f04900f0228cb7483b30965c72b5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
183
disclaimer.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b3221920f17047d3fc1c2035662aafe25cf33cf7a53539b662e1600e26389b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx00000485e97a5d2f2d72a-00655712ff-329552a5-default
etag
"c876008ac86080df79e242e143b5c254"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1827
text1.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
79e51a1ddd6f26c846b07d8656529a95763214ff2c146a64c28ff06f37d8f9e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000ed2cfaae934b875b-00655712ff-329558a4-default
etag
"0cc17964bfe7c7c7e796b31129d21450"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6339
text2.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b845429178a6769ad9ee3d87c76e68c56751c5abbb6f9ddea34233f15ec8e2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx000001a8e9280222e7789-00655712ff-329552a5-default
etag
"3021cc843ecb1304d47efe39c9085e3e"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3383
text3.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/text3.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
446a667f4198c81a4cef67504a1681bb0e0bba3548b009cbe2a905486f9da736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx0000041fe46be31b4f735-00655712ff-329558a4-default
etag
"fdd1b8e51836e94b14344af5bd2ff94d"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1259
logo.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f2d3b6a2a3445d6a847875ff4602632662c1f1bd34701c0a01af69df665caca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000e311f1ba51e5c8d0-00655712ff-329558a4-default
etag
"d439d597d40b2ef2b5d132d67d0665f7"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2109
logoend.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/logoend.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bb8c30d641cd7cbab0e6c70438976aec979c05d438ecbd82586b06b2c9479fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx000008184e404711a458c-00655712ff-32959e94-default
etag
"1b6c18a42dec179f75b9726f0b62db0f"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1685
date.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
add3859e90da4199720a3123a57042750d07f825d0330887a8b85fb262a12089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx00000d678dcb357e312de-00655712ff-3295cc06-default
etag
"ac9b9bdf2710d16033ba2e2a17a5d19b"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2177
model.jpg
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
62ba91bcbf4403efc35deb4443450ce793518486661f628c3260bb29d5d3444b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000bfc05c52dcdbfade-00655712ff-329558a4-default
etag
"d6e8bddea96a16549637601330e45dd7"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
49483
studio.jpg
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/studio.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f1afce9ae55246b7dfcea249c2aa3316672ed4d50fddd1a7b651e561c80565ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000fb3954017492e0c2-00655712ff-3295cc06-default
etag
"7e9afdb35635aa4357e5a279852778f4"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
48666
background.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		148 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/background.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a8be383cbb1a472f684d4f64314933807dc81f7263aac886ae651b67fbff109d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000005fa984e166013667-00655712ff-329558a4-default
etag
"b2920d38504bc83680613909b4a7e380"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
148
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 896B 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
935289
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElwvM76pqJtZoGffl7hIzlCEXM3XHn%2Bidh%2FHJCwPDt2pPYowd8D8vwZSFlwC5qCziJJ8yDVODMIuUThJloPskKx4j0PVFyt0AJp2K%2BxixS4946Zz1sO9XUi9I8EoCzZWk9MQVRxRjzGwvIf1vwuLxBrk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a557b2e914d-FRA
expires
Tue, 12 Nov 2024 03:22:53 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 896B 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1045432
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2FpQNoojQZY92dSXWgY3I9FlI5%2Fvp96XSc%2BnVmms%2Bgc36AtSEVMlEmMvyE1IZrHnh%2B8mEgW7xt%2FEN5jMJQCwcZ%2FEXGSUgm0s20MDnXMjgriZP6icbjyKljj5Z0kUaPCC0Fsgv1yZCjZjGQ7tmL12Q4O0"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a557b2f914d-FRA
expires
Tue, 12 Nov 2024 03:22:53 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 896B 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1029896
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mbig4eQ2GY1pbDARzL0qGk2RwrRkA7%2BXLQeq2%2Fq7qp5kFSH0DPmodtl47VbwZL7q3WCgywuzRToNbwlkyN96dBvC2pWDStrTNIo4ZrfQ6vntslbf%2BnycUOQbj1y%2Fa4kMX798esmNQVC9pef4x9iJadyZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a557b30914d-FRA
expires
Tue, 12 Nov 2024 03:22:53 GMT
script.js
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame 896B 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2967727053e62e755b40702f3825e45e7856ac6438e088ef984344e22044936b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx000008a8451f3403162dd-00655712ff-3295f919-default
etag
W/"91331674dfe1ca19501ea729f5fcea60"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
grumi.js
rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/ Frame 04ED 		218 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
871ca577af93c4d834f8b2994a59ba092b267b5b5a1ed3f62598be4c010dee1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:20 GMT
x-amz-version-id
PPUsbnOFOz0w173jUyxKcyjfOa4niqGt
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:43 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"13ed0fce3b06b930a61ca71902ee1d79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
34
x-amz-cf-id
jj9daV9SYM-e0eXzbJpg57jiha8WP6RJ0Ht1rSNjpbbivIqkVksgzg==
truncated
/ Frame 7782 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05898c09177167ca418f3a10ad616c62df32d73534991f7d3f81106f91412d40

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0D9C 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRj5ucP-ATAB&v=APEucNXD4NVE7qER5Khy5levxHJthh7YJPT8Pqp6QUwQ3rIrkNf5e-RNGzeN__GCEeUjg5GIDKRGUKjma04KQK7HsmHsw-tgG77_vVKp8XHbKDhfoqSF8dMAfzr7pNVza8jr_ewk7VYQpE7zz2OHBAklL1pCHxdkSrvCTZNPnRpi87LhySb0NpE
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 04ED 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04ED 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AEfzDTcIff7INLoGKYBUwNVroqwyUc-KZDKbwnDqwuqumuidPeRZYBT3tjdA1a9xh6AQ_Jto8c7k8hpxxZprwz1Ur2FqWOc1jvtMLXxMGS3llMMgY
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04ED 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=12122597242241847640&x=8&ct=77
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
49718fea-0ac2-4706-882b-f6978ab2595a
beacon-fra2.rubiconproject.com/beacon/d/ Frame 04ED 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/49718fea-0ac2-4706-882b-f6978ab2595a?oo=0&accountId=21034&siteId=302564&zoneId=2535156&sizeId=15&e=6A1E40E384DA563B55F7411210B1F566E94DB5DED997D632C69199CD14B4A92430DFFC2EBE783A0DDCC97A52BB2505D9D7572006AD7D764F282FBF78FB0B6384A5EFC72A6838064FC43EE9CDF6DCFA4EF9BD0C60FF54E3B93AFA7FBC1E83F0747F71F6A31880295A57B3D6439DBA760C2058DFB89B7454022499D27B7DBE67C1DCF8639D23EEE53A9257D6DA0C7398FA4CF0B1A8AFA45BF31DB0D4783C222D6EA272806D41841D2B87AAA7050E677208EF3D4F97AEAFB68ECDA10306204D320B
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::154 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame 04ED 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LPAMOQS9-X-KAAN
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
trk.js
cdn.adnxs.com/v/s/240/ Frame 04ED 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Thu, 23 Nov 2023 03:22:53 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
652553
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-fra-eddf8230092-FRA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1700709774.706168,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
7, 846975
it
ams3-ib.adnxs.com/ Frame 04ED 		0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fskypost.ulifestyle.com.hk%252Farticle%252F3384147%252F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&e=wqT_3QKnBfBDpwIAAAMA1gAFAQiMi_uqBhCNx7-nh5O3jDQYkt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4g_UFgAEBigEDVVNEkgUG9HUBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAuoQ4AKduV3qAj5odHRwczovL3NreXBvc3QudWxpZmVzdHlsZS5jb20uaGsvYXJ0aWNsZS8zMzg0MTQ3L-mmmea4r-ePiueRmoADAIgDAZADAJgDF6ADAaoDLhoTMzc1Mzk5MjgzNjc2ODMyNjU0MSoHcnViaWNvbjoOMjI0OTo1MzM3ODE3NTPAA9gEyAMA2AONkVXgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTMzqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAE8vS5IsgEANoEAggB4AQB8AQAiAUBmAUAoAXEyPmN97eFpgrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWkyR76BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9oGFgoQAAAAAAAAAAAAAAAFF3QQABgA4AYB8gYCCACABwGIBwCgBwHIB4P1BdIHDQkFIwQAAAUmDNoHBggFCfBu4AcA6gcCCADwB6MgighHCkMAAAGL-jOq4DQY3Jh07-ONUqt5QpdQn5xAHTeSXRCPGZtQjlW0qwLNkSzJKxCPxOEWpmlF1GSF373RHyKaSIfscrXjEAGVCAAAgD-YCAHACOoQ0ggJCP___z8QABgA&s=52c4096e383df0f28c498cf10983f92b79ec1ccc
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
an-x-request-uuid
5e8201b5-6adb-4056-b2c2-b76384916527
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
q
p.adlooxtracking.com/ 		49 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&s=%2F21751243814%2C183518426%2F222913-970-90-2%09andbeyond9702&s=%2F21751243814%2C183518426%2F222913-728-90-1%09andbeyond7281
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a6185609835a581b28e6d651df223a3458b64f732623accc9ef1ddb404f2befe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-adloox-pubint-version
20231123013001
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
178.162.209.133
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
5ee398e7e-dirty
server-timing
conn;dur=0.013, ua;dur=0.030, segment_pipeline;dur=0.173, segment_ip;dur=0.007, segment_iab-valid;dur=0.014, segment_iab-spider;dur=0.873, segment_bs;dur=0.004, segment;dur=1.276
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
init
gw.geoedge.be/api/ Frame 7782 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:53 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
b-10vngpmJx1kfKiGj5Ut-_G81GKqwth9ZW0fjHSYxoHNW8bq-azCQ==
x-cache
Miss from cloudfront
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=4287902077677520&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=21751243814%3A183518426%2C222913-970-90-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C728x90&fluid=height&ifi=10&didk=4118590881&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd99d1b6563fc9bfc%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MYDU_TML-Ek6t8eK8e6Boe8HJL4LQ&gpic=UID%3D00000cd89979a03b%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MaarDuukHbRQr1v6TQrHobzRdUQBg&abxe=1&dt=1700709773745&lmt=1700709773&adxs=200&adys=10&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=1200x0&msz=1200x0&fws=4&ohw=1600&psts=AOrYGskMurQZiChUeTXsXh-SFSzrONJ3RjSjnc7GLRQxWAwJiWsCgc-4pI1VV9ZEgURZ0RLKEoOF4j4NJ8OVJq5xYkRvMglf3zw%2CAOrYGskIS98r6q_N0WnShcbl_cfM_LGqTBQzRygQN1t_-k-DcZ9PLRp4VQ4AECOAgiOR2ErBFrLo14qipIyRhLSZHj6dFidG_L4%2CAOrYGslldlkQ5OpsRDd-ToKdPaW5AyiaC2gouwZQZ_Npc3DatLad8R1HvRuDrLmr_el6m1BHO1nQOcxtx3GT2-JjsEDZLOnpER0&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0MjO0b8xSABSAghkEhkKCnB1YmNpZC5vcmcY-MjO0b8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM_IztG_MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSalJ1TjB3M05URlRTbUZ0YVZweFYwbzNjbmd4VVQwOUluMD0YtcvO0b8xSAASGQoKdWlkYXBpLmNvbRjQyM7RvzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNjJztG_MUgAUgIIag..&dlt=1700709768198&idt=2089&prev_scp=adunit%3Ddiv-gpt-ad-1520909829098-1-1%26prebidtrue%3D0%26hb_width%3D970%26hb_height%3D90%26active%3D1%26andbeyondhijack%3D0%26andbeyondunfilled%3D1%26visible%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1%26hb_format_adtelligen%3Damp%26hb_size_adtelligent%3D728x90%26hb_pb_adtelligent%3D0.06%26hb_adid_adtelligent%3D2439e1b3f41e36c%26hb_bidder_adtelligen%3Dadtelligent%26hb_format_projectago%3Damp%26hb_size_projectagora%3D728x90%26hb_pb_projectagora%3D0.18%26hb_adid_projectagora%3D235a7c99c5e96cd5%26hb_bidder_projectago%3Dprojectagora%26hb_format_abmxandr%3Damp%26hb_size_abmxandr%3D728x90%26hb_pb_abmxandr%3D0.04%26hb_adid_abmxandr%3D237b93041b7e6b7e%26hb_bidder_abmxandr%3Dabmxandr%26hb_format_oftmedia%3Damp%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.03%26hb_adid_oftmedia%3D2318713f353178cf%26hb_bidder_oftmedia%3Doftmedia%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D0x0%26hb_pb_adpone%3D0.05%26hb_adid_adpone%3D228e174714384661%26hb_bidder_adpone%3Dadpone%26hb_size%3D728x90%26hb_format%3Damp%26hb_pb%3D0.18%26rtb_pb%3D0.18%26hb_adid%3D235a7c99c5e96cd5%26hb_bidder%3Dprojectagora&cust_params=adl_ip%3Dadloox-dc%26adl_ok%3D1%26prebidtrue%3D0&adks=1182580958&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa50ddbbbe806d87737618e1fcb47c57a45ca450290ef4a1d6e07773fb036fb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12989
x-xss-protection
0
google-lineitem-id
5017564534
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138266010604
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04ED 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1950625118873&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04ED 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1950625118873&version=m202309260101&ct=77&x=8&cor=12122597242241847000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 04ED 		22 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ark1l84wgJrwMw34ob2lAuwHe6cWhGFEwsyzGYR-hItz4NEdAvFTF_L40CXkMgYtAFEJj-7GKY4Rfh_MHGMJPmfhjxs9eefhZ9hfZBLZ83kPQn8-GZh0ia36K-gJ1HSDB95yxESoe6M_8J-5508ayByNB0xeZc9aRUppuJfftxx-_Eh70&cry=1&dbm_d=AKAmf-CdlcVakQ-HB_yB4v0TYPvG4qU8NlnFgQ_NzihWPZusIPjLDQrBIX51Ly-A3k3aNUvQAgKzE55ZAk-D7XmVCglriZC-uX9q4CL8lVQeLMTOpvLthwaa4IU2bxTe-y76B3nkLGcxX9YomWaPlpH-d187OXdxnQXSVmU4Gd3zI2L17UatHsWemTBxCNExd6YEZD1Cmo2C_MPTdy99MGJlSdGDFOS3cnbAHQTGApv6gypokLtPqhai6txQjVD1MvBPeotZznFOs7V65D5QpVN-hJyaO7zG-bP13S4KYG7DNpGQCAkvklh_aQwdemfrr98e8rcMJVx5XzVlmhO-VzJZpEDMk7MErh-VHyJJjovw3RCnjzur5PqngqNvSbZ4OiCdQyug7BOcPGvIXcEmmjHVXPGsSfPbpg22hiVy1xZBGKfK8EIoks7EQLEZQ-TmEQx2pbEUQpwhaWk1o_6UcOkbOp56WHBxOWnKRQrBJDNParqGPNw7l--F1Jh0Y7cyG_t4PNL1XDBCynS4vS7oV7OcqXnzo4dEL88Mdjcs9ROwsvEwzPubbomLlsU606jcBIznWWMKAM0NwePr_cKEy3GzxvsSEVHf8KQVcnvKCh-gUZgOZDadfOzSCUV_ZBg8tCzZowMLqLeU2is3E3Kty2oYOzUMHKAE2dfzcjL7PL5d7eFnwzX4lZgDuXIcG9EP_QBnVRjW19JlolVAnaWVnuX7rulUdVylFVhT19iTs38bLK8ww0wMGWgrMk-PGnRNHwhqo4GXEK-lZIJcw-vwTrXtE9FJC5jPDt4K9ZQy_GhiloUhjCDwpKKuVQhQxG2brRh_FtdnhooQWe4QfdVU0vQ9CHBhE4ieMlpdJ4e9aOqFtQj0FTJZp03jo5zpUq4DW_SEoHoGFpywodELeWNeFDnd6Rzhtyo9bT9BX9-L9r7EXvji0zC_ex605T66LpEYAIMlyqzIjT_v7MmfdWetjR7auMiFJBXc82RslJJrLpwmddC6L8MhlfAFvOPE2ANEdPyZSSXrlSl8Cov6_ojypBKjVh3QW0ndjIxazO76IghD40n88x1t6-AN1ji4Rf814MPgsVmxK7jnIx8DrhbFrfNS3nBqPAdYmhp-07NLD-LxM-eTT_kWF2GF6uO8YW--NMDBdMzgKV4xqyRPQG-jpGRFDJk3nbhPQcRhIDwahJmUi4mO3o9y_cqfmdij85vjN_vi5fZS9R2tTfsQnFMLjgEkNY2fvfa6okeaBjMoqdjnUaUqxMLTH165WlilEUgpJ7TXaSB5dH9yN4PEr97d_p86cLCPsvq_GxvasUBAcWw0yPc8_oS6Ea9qre9QkbafO7u5u_Vjq7LSd2P2TVuG2sty5oB8ILhYRRKLKBGeFqH8fxUqloOhT5MqdaPuoTCcSXi5yiDTOmc2LkeLlR0iTFfpbYpzywcOvBdV4b8p2VgiRtqMPArQqOT-L3dgw2NACitIzsRvAyOJA72SXQ7uHg9FPERa06q05ygY1K5KCI0qbhlWg0UTjhNTQP0qEMGpzHARZJDwiuVtpV8uV5QZjNceTxieNADUp5kn3X9TXBQ5tcoUnsL6jF2LS7DSxEuedbRyBEmgOOfOczXfT-h05K9HgkPwihZqCieXfaboYHIn_Al87_IM1KnI_5n3qHZTTXwWdS8JD6IBfhDI-YySzEnemRKbnGpQFanr9P9zivkPBsRNUUTVVQOiBaHwPa_v2qled9TrRqlJBtxpS9vlVSa2bewUWQXPLq8i6oHlBbc-EZW5qZ0KcuGs84rcOmLX6ptg-fJPGErlYSVJCS_lLAEcBhgYuqHsjwWFJFmK6PEWf-0TowquBrYKnptpivGbtdxOz8-2qfgn-sa8v0HappeKlyiIzgUKq5DoJqJth03ioq_lad2P9H1YQsnYwVhU0TtrUF7Jsu6guLPtu5H3IDIei9-Zkq_OGNjwxH8oa3qk5BEmMRFbZU3SDphjp-7UnF7zkOCFbWNQu30uHa8oe9-3rrisA6mxRBJjrt2fv6M740-5KVt7cZe7cNzFH2fUtG8s15M7VZ_SwZLDLonURcDYx4l6k-gxe1QktXbT1Tl3H6-owoCnoz5a5PRdMubZvMR07U7hZEKp677uBVIWi8nMhQIdywh28fyoaeUjbgrs-8qF810yA-xYjq2LExaYitJMtTeQByU_KwknCymOXugZIasVWrqAOBzLah7LpMGnzOzB8sxnNJh9KNWB363BgPaL-e1mN2xhk8OJW2tnpoybzweYf6pxb4_tWTqpoj7YpLgOppgSkfbS29tezlVkG08wjZUnmdISHOQcba6pAT9qZS1c4fbLUHzBFqBnR8pjrIe8Wu2_7I9feYZ31uoMe2xIQ38HWV9ny_djee31Tzx7srQy2MsEfJ0xif9vUsXrZu5seM9pvWdXWZkFx5FJpqqTmO9vE4PDobcJRx231oQLX0X8tNv7RYBmPk2KRlGMDdIg4a0qVFpCJaW07Bqr3Sa51BAvAqibLhjyI1udX02slxJkbvuEJfs43kym6tCF5DYF6_ebNm9Rtvo-dmJKMjRKNknxx3xxQnAMWq9JwpdT7saPOhglMpMyr3ib2l_s9qwkjPq1QFfYkSRfuTTWSDZAe0XS1UKoWj82MWgMotZkiPbz3ulryNhTdWh7vrsBZyPqBD9vtHpmGIqHVozZEsOQW1PdpX1CQb3Uovnv7mvXxSHNh4nL-4lmopV6qVWJReF6m_usXiNywzpRWxaVexqInlsKZhojHBgjfmH-zVmMbApDx3YLAozj9SbD8jHgURTtvK-2tCYIQ6c6WbBfG1A9PPjbRYwOYp_8huEgS-hBRQ6Hd-E8pHztPxhXsHhNPMfMOFwDbTJiWWZIHy3grzsIs5GwXe6Qjl0-0ZAvalSVbvAkAiScr6devHzLpM0K0g-sDcvYse1ov0DPKgxyyAZGitxUDR_AURoPkv1GorO2pItRqF8v-H6AOBMwlqlSWauqycAJGqHmGpodc5a_g2cJk0EqHqc5-rmsLeMUOQdq77UpKERzllpQZjMYKelsHV5G1QeD6_SxcdrkTucz82X7WzW-g6BDMJkVfs3PscfbCKIXZODs1JX2VIj14GGnR4iJ2SbA0_E6S08qevIdTsMRvBADPQPaPBrLRVm_S_0fM54Kun9XkovN5FuEQJwThsIGqcKt2B_ejVCcXFiRP-Wa0hbRaMRhuyk1SNTemAflYSEzNO4tyReGwIh2GlyDv1wP1GtZK0rUOe0VkXoki4mdTXTRFIbkogQ8KmAN4ZEI8iTHbJ9OkttG9CalfuUPe83_5jdfAV_cUxsZdyL5zV0pNxbfgAUcvMmlqYA5dovr97giJlhWZMtsM0zXEhsJljSEfHuRh9iW7kuA2nzDY6aDS4CH6GPRPh0dYCFT4FvkBVxY3b86gWGj_5dRowCv10_WDxyL7mZ8GdYcZHMuw0Ev3YNOVIirsLfynLwTCYEc9of4G3InCZ_QZrmwZI5Boe_35pwJ_S9xXjkW5WzYaZtdjiinFfa7iGmXy7_b4sHSdQYITWdJ0COdeGIlW-dnDpRfNWAWSEw7AcQBIYebyWcN_DavqZDZqLOsLxOc4rTNcCzpTpei3kYUsaRQHFLNCDF-lj4C7J_bCK-ZR4DycpiD6EtHrkjUh-RLxG1LGNknuzGWSGEzx3kXE6ZNDNMWCVpsA9IDY2FVhoUMXyGCmkxsG_WbZ3OUyhk7wvU8iFKKflic9-Zn3Ze8ZfdAh5ussPVFVIwrkyZmOoBfIiOQN4eBRKsM83jcbhgKHilZOtN7Tf4RrmlrR5sZrN6lUrfgYyOPU4vpgYDtPKmBIrTMoAtcyRYUdBrTLgWOaqST65l-n11j06S5xVE8c17BxJCl3emHcOWHSN98FntLXXCtAkwoMipJwhAJgQxZzSAIMhNPTnKQHPrW9G2FCZh4YpVRNSPXloQPuBMkCiXWMiHvIOZ7hwbITrCVnTrYfBONw3zdq-oOiBf5lw&pr=8%3A2B33B2EB41D5DBD3&cid=CAQSMgDICaaN_k4hSHVJxJNFRAgHa7PsqCd8WX-oaJndKvyHCetb6AmUNxR6hs4WdW17xIZqGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F&ds=l&xdt=1&iif=1&cor=12122597242241847000&adk=3867677095&idt=43&cac=0&dtd=10
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
348c5b8358bc319c37e0d1a41bae3a5da2c0f374f503bb3826011073fa46928f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15016
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7782 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsulfW3NMRvq_hx-0WeFJj8tW74VMhiOH5UDpazRwGx8DQbQMqMhvHJF2r7g2aLIqWvo9z3tLZqww5LhHIbnz7tHpboD2AzN2gfaFNCYee7JzkcBV5g8OfteOGAX5PABZkLHQR5GsvV2ssD1KOqSlpppVaAN-7xYmJlCKvdRUbJzUqmdPLR2I3Osuy5sFe1kve5o-tITfFSn1GQ_sodJkI9JG_GgJnnFbcM2gpX3D-W9t6Y1gsYYLvAb-lUqQ4lBGGr2rPJrr5mGOK3vymg3jYMdsF5L5gdZnPWJUvIIA0efQXz_WHTR_HDGXk08fHpZOPoWclxM3E1uBaE85B9tI4PqZdVsxzB5u1kQRSfpK5Kw9lvjxKLxJyu9wDNkIqg25O9qHA&sai=AMfl-YS45MFObxcy9KC29yCZLg67S_G0M4VyW-kG5_UrsQLSoi4PSeQs03mHQVJBXG9hnU62b8r44AaRg-FDuZxrqmViw_TKkvOzJQ3d9OgKnHJ58RrleYwpeKa9q7Jp2-A&sig=Cg0ArKJSzEclx5mYU0WVEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 03:22:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 98F0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvd12shUp0HfatcEfDQJN0p9NirBXWxPM5iRmGFtVzw6o6vleWIlubDzn-TmNOgPsxBbnelmfU6MWM_rXL0Lwl5ii8Xq7T_2AJGG5Zc6iiD6v-DhCyoWWU99DVJ36tdItZ0Y3LY0JK8SA&sig=Cg0ArKJSzBILuLoTajkNEAE&id=lidar2&mcvt=1000&p=943,1088,1193,1388&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1043495288&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700709772530&rpt=317&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 0D9C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1&C=1
43 B
335 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRj5ucP-ATAB&v=APEucNXD4NVE7qER5Khy5levxHJthh7YJPT8Pqp6QUwQ3rIrkNf5e-RNGzeN__GCEeUjg5GIDKRGUKjma04KQK7HsmHsw-tgG77_vVKp8XHbKDhfoqSF8dMAfzr7pNVza8jr_ewk7VYQpE7zz2OHBAklL1pCHxdkSrvCTZNPnRpi87LhySb0NpE
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=diBRUW3MFomvA6oRZ9t1RuEsWxiEQzGLVWs318lm3C9t7E%2B4vjtKVOoEXZKHLSf09pDiYhr7CtFbBGxFolAb22W6yCxsHgfpYIbxOFTSst7w7wDCy9BaL%2FD1H5QurHJgvgMOiFS6oqBsWA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a64a56fcf76927-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taTeHwL1wmjk3rnEUREYvzZqIrKnDbO74%2BL9%2B2ifxkGiec%2FTc6idJaTzvgRm0kcck4sTrwt2JnEfk6tzZm%2FKGZCxlmEyXnPTwM1eovQMgDUQjWL1wi%2F6ooJ98eAnDm1igPAEbTTAzVsr0A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1&C=1
cache-control
no-cache
cf-ray
82a64a56dceb6927-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame 0D9C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV7FjXUo5XrhCi9yEsUUZwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1
43 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRj5ucP-ATAB&v=APEucNXD4NVE7qER5Khy5levxHJthh7YJPT8Pqp6QUwQ3rIrkNf5e-RNGzeN__GCEeUjg5GIDKRGUKjma04KQK7HsmHsw-tgG77_vVKp8XHbKDhfoqSF8dMAfzr7pNVza8jr_ewk7VYQpE7zz2OHBAklL1pCHxdkSrvCTZNPnRpi87LhySb0NpE
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=424qNDFVSYf9BI32RR7%2BRn2vTPz8rdlDQDSCN4boTEEAtZ2wQh%2Bw94WMZWYuAwIYHoSHY2bECqe6Kx2wxN89WCsl8mF6P%2FDbFTpd1IAMpJfsFWfM4XRJTxwc4JaazLjivI6ncNerXukbtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82a64a57583e3a98-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKh7XOmaSYAyynqF7a90JTQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 0D9C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIGXYpHwiXIcbxOQsUKv_fc&google_cver=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIGXYpHwiXIcbxOQsUKv_fc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRj5ucP-ATAB&v=APEucNXD4NVE7qER5Khy5levxHJthh7YJPT8Pqp6QUwQ3rIrkNf5e-RNGzeN__GCEeUjg5GIDKRGUKjma04KQK7HsmHsw-tgG77_vVKp8XHbKDhfoqSF8dMAfzr7pNVza8jr_ewk7VYQpE7zz2OHBAklL1pCHxdkSrvCTZNPnRpi87LhySb0NpE
Protocol
H2
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
an-x-request-uuid
f377175b-6a30-4986-a839-5210152201ae
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIGXYpHwiXIcbxOQsUKv_fc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0D9C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTM2OTUxMTU1NjQyNzY2Ng%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTM2OTUxMTU1NjQyNzY2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRj5ucP-ATAB&v=APEucNXD4NVE7qER5Khy5levxHJthh7YJPT8Pqp6QUwQ3rIrkNf5e-RNGzeN__GCEeUjg5GIDKRGUKjma04KQK7HsmHsw-tgG77_vVKp8XHbKDhfoqSF8dMAfzr7pNVza8jr_ewk7VYQpE7zz2OHBAklL1pCHxdkSrvCTZNPnRpi87LhySb0NpE
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
an-x-request-uuid
3da2c863-046b-4984-8af3-cab98fa2f6dc
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Nzk5MTM2OTUxMTU1NjQyNzY2Ng%3D%3D
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 04ED 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:53 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 04ED 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
465465
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDcwOTc3Mzc4NzQ4MQogIHNlcnZlcl9pcDogMTcxNDc1NDI4CiAgcHJvY2Vzc19pZDogNDIxMTQ0NTkzNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1MzMx...
ad.doubleclick.net/ddm/activity/ Frame 04ED 		0
497 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDcwOTc3Mzc4NzQ4MQogIHNlcnZlcl9pcDogMTcxNDc1NDI4CiAgcHJvY2Vzc19pZDogNDIxMTQ0NTkzNAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1MzMxNgphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vam9obnJlZWQuZml0bmVzcyIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAyMDQzOTkyNzg5NDUwNTE1Njg2CmRlYnVnX2tleTogMTE4MDk1NzE5Mzg2NTE4MjI2MzcKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTIzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTM5NTMzMTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODE2Mjc2MzMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE1MjI3MTIwNDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA3ODExNTIzNTQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MzM3ODE3NTMKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vam9obnJlZWQuZml0bmVzcyIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xc644402e31637aff0000000000000000","13":"0xe261829ac40c56bf0000000000000000","14":"0xf579b5c7686e58f70000000000000000","15":"0xa1bbd6d3680cbb6f0000000000000000"},"debug_key":"11809571938651822637","debug_reporting":true,"destination":"https://johnreed.fitness","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["13953316"]},"priority":"0","source_event_id":"2043992789450515686"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
l5ao19m933zw
hal9000.redintelligence.net/zone/ Frame 04ED 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/l5ao19m933zw?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRBaUjMVeZcrYDPuLmLAP5uaYsA_k4MuvdP2f_oj5EfYuEAEgur7wFmCVkqqCsAfIAQmpAg2p9GjZRbI-qAMByAObBKoEtwJP0Lvx-qe1xtoxgMHYoKwWQdOa5s9Y7zBHojiKYnTVfc_g3OTI6ebJvZDDbkXwKR6kP-K6d-8J7juMUgld_PQGcRjKW1kc8ZCt7KnwEx3te5GTxBRvO_IdMJRs8LzUla9b6af-4wBLK5GQjDgaKlfIaSA0HrfoeMFACKzz8fK0p2PvKpKsw9SSDekeMSQKzigSCLU-Y3b4YDlCk4nbAVhZm37tlCRniGoZ2c4PNYn18U4_fne4uLodG3rRYMqKyzqFXzUUx8bgPV71iEN11WxqX1OdnAwZR0bx1u-VojGMuawBKVnZV8MDVV9xK_Hhr1_Ew60J7_7rl2tIUE6tCZANHdWK_mKYrErnIaN6wW9z0VQiE3XedRU-MirpkNnfcrq-UNGiTazvY2b7vYpnGSmFJvCxi_TPIsAEidGXiLwE4AQDiAXi8Jy1TZAGAaAGTYAH39qGogWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIH2JpZGRlci14YXBpOjMwMjU2NDozQ2RodWt5NGZ5S2uACgSYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATlcvJFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaN_k4hSHVJxJNFRAgHa7PsqCd8WX-oaJndKvyHCetb6AmUNxR6hs4WdW17xIZqGAE%26sig%3DAOD64_2WHzqGoyv04S4ZY4hW0Z13EMGMRw%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-BuPNFs_flSXFynnE3YFW5si7n682tsMLfKHTPAZoY_FMr17qCgiEE5tjVAd-Z-JfHVLXBE7J3JIfGZgZ-ZccLlhEJcHiDWphPrIDQnCki7atKyU_Bp1Vn9oZnMDlUuGo1sFoy9VyybpQ7Rd-_yaZSP7npC39mrYo-94z-17nlw_d2P5uM%26cry%3D1%26dbm_d%3DAKAmf-CFV3Mn4lstVVHGZURneQNQufF709b5tvpM3FfksaWplLqd9-mikdKcOXeZywkungiYjT_IgK_wKJ0WJ0U37eplRJQFvAvDtihYSmLzKfTpxAefHUMWQvdqlIxMFW3RIcXvoRE4PSktLrDeLGpngxAeqd4-0dbfcaRFbljJbvV0F2pKGnSvLTpKU8A3qGKYfik_Lj9uiwIn8x5qTKmixBI-FKEpgeLKMYX4-jZLMUKTBgmajBwOO9qxwP2QXzKJ-31KWW2fGaNMqnUV8SNfyv7FMEskiaWb8igTfWxD8keTgoke6HtFuspx-2RCNdbATss_MUYVG_eHZyQaSUvzS26WSbAHOjkGrv6C89co2Fnz2xXsaKpc3TJy3AdqoSQXHcfN0z9L8WBttrb9cV4XzURygiLql5uAvnR-DJj3X6IEk0addODEjpZjkFppfSKdr_lfolk69_Wx7Lg7SELIQT79iF23JyWVh4dXF6qAMMd_Rx9_gJIx4GTuQd3MhTTLEoXG_BwaNMUc9ZWzlOg1E70qEJZnn4oASPvd6of7vctsHLnJOc2g3S3v01N9Al7eMyJRB5bpnYl0Mk9Ivxz1OXFeVb42kQ%26adurl%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
59fcb8680bd348b267ce55ee0bec307ef332749fd3cb621060f6ece9471ce6e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:53 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4270
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5385 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
368588
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900029.redintelligence.net/ Frame 04ED 		613 B
937 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request.php?zone=l5ao19m933zw&nw=20&renderingType=javascript&namespace=b60826a687&subid=&uid=315a28245795b6f8&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCRBaUjMVeZcrYDPuLmLAP5uaYsA_k4MuvdP2f_oj5EfYuEAEgur7wFmCVkqqCsAfIAQmpAg2p9GjZRbI-qAMByAObBKoEtwJP0Lvx-qe1xtoxgMHYoKwWQdOa5s9Y7zBHojiKYnTVfc_g3OTI6ebJvZDDbkXwKR6kP-K6d-8J7juMUgld_PQGcRjKW1kc8ZCt7KnwEx3te5GTxBRvO_IdMJRs8LzUla9b6af-4wBLK5GQjDgaKlfIaSA0HrfoeMFACKzz8fK0p2PvKpKsw9SSDekeMSQKzigSCLU-Y3b4YDlCk4nbAVhZm37tlCRniGoZ2c4PNYn18U4_fne4uLodG3rRYMqKyzqFXzUUx8bgPV71iEN11WxqX1OdnAwZR0bx1u-VojGMuawBKVnZV8MDVV9xK_Hhr1_Ew60J7_7rl2tIUE6tCZANHdWK_mKYrErnIaN6wW9z0VQiE3XedRU-MirpkNnfcrq-UNGiTazvY2b7vYpnGSmFJvCxi_TPIsAEidGXiLwE4AQDiAXi8Jy1TZAGAaAGTYAH39qGogWoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggWCIDhgBAQARhfMgKqAjoCgEBIvf3BOvIIH2JpZGRlci14YXBpOjMwMjU2NDozQ2RodWt5NGZ5S2uACgSYCwHICwGADAGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQKqDQJERbATlcvJFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaN_k4hSHVJxJNFRAgHa7PsqCd8WX-oaJndKvyHCetb6AmUNxR6hs4WdW17xIZqGAE%26sig%3DAOD64_2WHzqGoyv04S4ZY4hW0Z13EMGMRw%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-BuPNFs_flSXFynnE3YFW5si7n682tsMLfKHTPAZoY_FMr17qCgiEE5tjVAd-Z-JfHVLXBE7J3JIfGZgZ-ZccLlhEJcHiDWphPrIDQnCki7atKyU_Bp1Vn9oZnMDlUuGo1sFoy9VyybpQ7Rd-_yaZSP7npC39mrYo-94z-17nlw_d2P5uM%26cry%3D1%26dbm_d%3DAKAmf-CFV3Mn4lstVVHGZURneQNQufF709b5tvpM3FfksaWplLqd9-mikdKcOXeZywkungiYjT_IgK_wKJ0WJ0U37eplRJQFvAvDtihYSmLzKfTpxAefHUMWQvdqlIxMFW3RIcXvoRE4PSktLrDeLGpngxAeqd4-0dbfcaRFbljJbvV0F2pKGnSvLTpKU8A3qGKYfik_Lj9uiwIn8x5qTKmixBI-FKEpgeLKMYX4-jZLMUKTBgmajBwOO9qxwP2QXzKJ-31KWW2fGaNMqnUV8SNfyv7FMEskiaWb8igTfWxD8keTgoke6HtFuspx-2RCNdbATss_MUYVG_eHZyQaSUvzS26WSbAHOjkGrv6C89co2Fnz2xXsaKpc3TJy3AdqoSQXHcfN0z9L8WBttrb9cV4XzURygiLql5uAvnR-DJj3X6IEk0addODEjpZjkFppfSKdr_lfolk69_Wx7Lg7SELIQT79iF23JyWVh4dXF6qAMMd_Rx9_gJIx4GTuQd3MhTTLEoXG_BwaNMUc9ZWzlOg1E70qEJZnn4oASPvd6of7vctsHLnJOc2g3S3v01N9Al7eMyJRB5bpnYl0Mk9Ivxz1OXFeVb42kQ%26adurl%3D&documentReferer=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fskypost.ulifestyle.com.hk&random=6740604458863&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
2f71ffc212772a83f001af8427b24971df177941530fa601407e24ea298d4daa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:54 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
62741700009923110115217012517029
Connection
close
Content-Length
331
Expires
Thu, 23 Nov 2023 03:22:54 +0100
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 5385 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
100885
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
container.html
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F0CA 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:50 GMT
expires
Fri, 22 Nov 2024 03:22:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c.gif
www.bing.com/aes/ Frame 5571
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=cae221c9-d02e-4166-a7a0-32a32837e08c&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=391466&publisherId=162645330&rId=a0405d62-d2da-43b6...
  • https://www.bing.com/aes/c.gif?type=mv
0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
2a02:26f0:f500:6::216:5bd4 Munich, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 460BCE7BCECC413EAB051E4705CF091A Ref B: FRAEDGE1117 Ref C: 2023-11-23T03:22:54Z
x-cdn-traceid
0.94521302.1700709774.7c749af3
vary
Origin
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
alt-svc
h3=":443"; ma=93600
content-length
0
quic-version
0x00000001

Redirect headers

expires
0
pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Thu, 23 Nov 2023 03:22:54 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: CA104D33D767441C9A4002CF74BA83CD Ref B: FRAEDGE1719 Ref C: 2023-11-23T03:22:54Z
x-cdn-traceid
0.94521302.1700709774.7c749ac6
vary
Origin
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=93600
content-length
65
quic-version
0x00000001
grumi.js
rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/ Frame F0CA 		596 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f7a97ee90e3bf0d416db4ef3985282a52d6b13b41d8b0d89a22f4baef188198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-amz-version-id
0JQDHGo3POVU8V3JnG0OKnZc_UxWgL_n
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:37 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"9c5082ded7990ce8b1325b69f7892c1a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2
x-amz-cf-id
I_oz8rh8fCQ-keh_Nfkt2QROoNgVpnNt-1n7lzei6nJPDct9U4A4LA==
request_content.php
hal900029.redintelligence.net/ Frame 4B8B 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/request_content.php?s=62741700009923110115217012517029&a=73ab8b0b
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
90fe5297dc1c317831e03caa6c2d9dfef0208050e632b50bd865782b08147d2b

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2299
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 03:22:54 GMT
Expires
Thu, 23 Nov 2023 03:22:54 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 9BB8 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 03:22:54 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame BB50 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
67508
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 03:22:54 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
453, 390423
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230112-FRA
X-Timer
S1700709774.077244,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame 04ED 		0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&e=wqT_3QL2BPBDdgIAAAMA1gAFAQiMi_uqBhCNx7-nh5O3jDQYkt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4g_UFgAEBigEDVVNEkgUG9D4BmAGsAqAB-gGoAQGwAQC4AQDAAQXIAQLQAQDYAQDgAQDwAQDYAuoQ4AKduV3qAj5odHRwczovL3NreXBvc3QudWxpZmVzdHlsZS5jb20uaGsvYXJ0aWNsZS8zMzg0MTQ3L-mmmea4r-ePiueRmoADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA42RVeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBBAIABABGKwCIPoBKAAwADgCuAQAwATy9LkiyAQA2gQCCAHgBADwBACIBQGYBQCgBcTI-Y33t4WmCsAFAMkFAAAAAAAA8D_SBQkJAAAAAAAAAADYBQHgBQHwBaTJHvoFBAgAEACQBgCYBgC4BgDBBgAAAAAAAPA_2gYWChAAAAEwGQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAeD9QXSBw0JESgBJgjaBwYBWfBtGADgBwDqBwIIAPAHoyCKCEcKQwAAAYv6M6rgNBjcmHTv441Sq3lCl1CfnEAdN5JdEI8Zm1COVbSrAs2RLMkrEI_E4RamaUXUZIXfvdEfIppIh-xyteMQAZUIAACAP5gIAcAI6hDSCAYIABAAGAA.&s=1a2e5eade301ad1f551f0228f4fdabb7919d5d59&bdref=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
d57374ac-dc90-49a1-aacf-e9d1b9d9bd79
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 9BB8 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64186
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:40 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F0CA 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
533156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame F0CA 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4245
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230128-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jndwtcp5DLaI3H6KIv4nl8Vn6EplTaSQkn40jN2D6%2B2NgS460CdVruUSaSjrfayXk8c7Eg0h%2FdrNmxpkxlGyoixMckNFqazO668bOF9tTurB1os84zdNJGPBQWp6msdWDMe1k8X8EPPHYqBQuRY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82a64a582be69247-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F0CA 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:54 GMT
async_usersync
ib.adnxs.com/ Frame 6BE4 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=11924&pub_id=1929161&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=11924&pub_id=1929161
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
e2e3a670-32c0-434c-b949-634a5489f803
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame BB50 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=2725&pub_id=2192392&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
82a02f84-2799-4dc7-9e34-6d4ea2e65090
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
fra1-ib.adnxs.com/ Frame 5571 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fra1-ib.adnxs.com/vevent?an_audit=0&referrer=https://skypost.ulifestyle.com.hk/&e=wqT_3QLNCPBMTQQAAAMA1gAFAQiLi_uqBhDtk6P0-Puz2ngY1-Hvp8GhjqMWKjYJhmWmXaRuuT8RDHrEJRwpuD8ZAAAAQArX8z8hDHrEJRwpuD8phmUJJNgxAAAAwPUovD8wkrL0CTiUXUC1XkjjA1C6iYq2AViU_JEBYABo77arAXjAiAaAAQGKAQNVU0SSBQb0vQOYAawCoAH6AagBAbABALgBAcABBcgBAtABCdgBAOABAPABANgCAOAC-b9a6gIiaHR0cHM6Ly9za3lwb3N0LnVsaWZlc3R5bGUuY29tLmhrL4ADAIgDAZADAJgDFKADAaoDtwMKzQJodHRwczovL3d3dy5iaW5nLmNvbS9hcGkvdjEvbWVkaWF0aW9uL3RyYWNraW5nP2FkVW5pdD0zOTE0NjYmYXVJZD1hMDQwNWQ2Mi1kMmRhLTQzYjYtYThjOS1kNmJjZTQ1MjFiMzUmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTM5MTQ2NiZwdWJsaXNoZXJJZD0xNjI2NDUzMzAmcklkPWEwNDA1ZDYyLWQyZGEtNDNiNi1hOGM5LWQ2YmNlNDUyMWIzNSZydHlwZT1udXJsJnRhZ0lkPTIwNzgxMzMwJnRyYWZmaWNHcm91cD1rbmFxZV8zYyZ0cmFmZmljU3ViR3JvdXA9a25hcWVfM2NfcDJmX2NwJmFpZD0ke0FVQ1RJT05fSUR9JndwPSR7QVVDVElPTl9QUklDRX0SBTEyMDg1GhM4Njk3ODA1MzM5NDM1MjU2MzAxIgkzODE4NDY3MTQqBGJpbmc6OFUyVmhjbU5vUVdRak9EUXhPREUzTnpFM016TXpOak1qTWpNek5UazRNVEUzTXpBMU1qWXhOUT09wAPYBMgDANgDjZFV4AMA6AMA-AMDgAQAkgQJL29wZW5ydGIymAQAogQYMmEwMDpjOTg6MjA1MDphMDA3OjI6OjExqAQAsgQMCAAQABgAIAAwADgAuAQAwAQAyAQA2gQCCAHgBADwBLqJirYB-gQSCQAAAGBtDUlAEQAAAOBNQiFAiAUBmAUAoAX_1eTC6Ni1qxyqBRAzNjk5RjI1OEExNjk5N0JCwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFyO5e-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_QBsKNBNoGFgoQAAAAAAAAAAAAAAAAAAAAABAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwIgG0gcNCQAAAAAAAAAAEAAYANoHBggAEAAYAOAHAOoHAggA8Aef6AKKCEcKQwAAAYv6M6b4eLTP346Iye2Q49XGRBA-3hMMGRauZBENDRJqT0mAkbZt-IPWWn9fLpq_YIZ8uGM0lFekYDGVAuIfsekQAZUIAACAP5gIAcAIANIIDgiBgoSIkKDAgAEQABgA&s=6612b063ecdbbc52c77f76949b61518dbdefce92&type=pv&jm=1003|1030&px=0&py=0&bw=300&bh=157&sf=1&sid=5073649821559241344&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=20781330&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
84d4de3e-7790-4a9b-bb98-a9fe43263a66
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
init
gw.geoedge.be/api/ Frame 04ED 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:54 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
gvFSEKMotv-fPc9ZsLGJuDmxOurcZi9Mpk3Td7jilTGyDhQ7zB3h3g==
x-cache
Miss from cloudfront
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 4B8B 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=62741700009923110115217012517029&a=73ab8b0b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 15:07:13 GMT
/
track.adform.net/adfscript/ Frame 4B8B 		727 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=69427184;click=https://hal900029.redintelligence.net/c/pjvndt3os6zuy4n?tprd=
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=62741700009923110115217012517029&a=73ab8b0b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f31fb542f10d1e3a7c13e8d89df964c8f59bf3b177362f9c37af35e37dba822a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
526
expires
-1
vevent
ams3-ib.adnxs.com/ Frame 04ED 		0
700 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&e=wqT_3QKnBfBDpwIAAAMA1gAFAQiMi_uqBhCNx7-nh5O3jDQYkt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4g_UFgAEBigEDVVNEkgUG9HUBmAGsAqAB-gGoAQGwAQC4AQHAAQXIAQLQAQDYAQDgAQDwAQDYAuoQ4AKduV3qAj5odHRwczovL3NreXBvc3QudWxpZmVzdHlsZS5jb20uaGsvYXJ0aWNsZS8zMzg0MTQ3L-mmmea4r-ePiueRmoADAIgDAZADAJgDF6ADAaoDLhoTMzc1Mzk5MjgzNjc2ODMyNjU0MSoHcnViaWNvbjoOMjI0OTo1MzM3ODE3NTPAA9gEyAMA2AONkVXgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQPMTc4LjE2Mi4yMDkuMTMzqAQAsgQQCAAQARisAiD6ASgAMAA4ArgEAMAE8vS5IsgEANoEAggB4AQB8AQAiAUBmAUAoAXEyPmN97eFpgrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWkyR76BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9oGFgoQAAAAAAAAAAAAAAAFF3QQABgA4AYB8gYCCACABwGIBwCgBwHIB4P1BdIHDQkFIwQAAAUmDNoHBggFCfBu4AcA6gcCCADwB6MgighHCkMAAAGL-jOq4DQY3Jh07-ONUqt5QpdQn5xAHTeSXRCPGZtQjlW0qwLNkSzJKxCPxOEWpmlF1GSF373RHyKaSIfscrXjEAGVCAAAgD-YCAHACOoQ0ggJCP___z8QABgA&s=52c4096e383df0f28c498cf10983f92b79ec1ccc&type=nv&nvt=5&jm=1003&px=0&py=0&bw=300&bh=250&sid=5073649821559241344&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27175875&sw=1600&sh=1200&pw=300&ph=254&ww=300&wh=250&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
3268875f-c885-490d-9fca-73ed8cf5bb8b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
khaos.json
token.rubiconproject.com/ Frame 9BB8 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame F0CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstndyiCRfcwHTzXgKhoqHxG6hzFW4cuqIIqC-bRPcF3v_qy_azFiKJw3ZKOKxglrSC6svbvHInMzzAsxClQ8Hbub37VzZerTYzWOcCc3A5WlGz0FtUTNHEANXIYT_rGRCwZDFzwLpMRtPcTamW1_sID2FzenyTLI8qXnVceuBrbvRdMCeERDN-Jwvkaa9rNlB7gOrw2vucBuHMEsDpc091d8P2yddSTtoAWSS_TYliuC2cYc8hp9lxk66cSNPHUgMvGKIoWuK3rMG1RaSgYogj-y1qC1HlhY7LITwiAYWUmcOroe3f-3mUSbVx4hpF2-MP8lhg4q8xSLHZ6wjRrALQEh3vCD5C6kiumSLB7-ngjrkP6-Sa-DO0rPIm7tQgY&sai=AMfl-YR6sFlVVYi4rExa3xN6ZZmqxJMeEnkmw2-HPo80-gigjdeLfuJZSou0MMyhrWK0a9f3Q7SedZSUgypQeMRFNkFQSPBjk1pi7G9bhXaQmDjEgh7oFdCwVg5pnQ-UadY&sig=Cg0ArKJSzE00rmknfrCWEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame F0CA 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f8c3f5777e6a2c2d7880f4e65a161b625c760fb388617eef3c31fec531db913b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
grumi.js
rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/ Frame F66C 		218 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
871ca577af93c4d834f8b2994a59ba092b267b5b5a1ed3f62598be4c010dee1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:20 GMT
x-amz-version-id
PPUsbnOFOz0w173jUyxKcyjfOa4niqGt
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:43 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"13ed0fce3b06b930a61ca71902ee1d79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
35
x-amz-cf-id
asQAy4kcRKte5XIk1hbncG2Dj6iqhQWXdsc_tL6I3iPv2U8m9mnBTg==
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5385 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BdLjMjcVeZZmIMOSD4gGuoZbYDwAAAAA4AeAEAg&bg=!EhGlEV7NAAZxrfrxUa07ADQBe5WfOBC-J3JdPlcPOdXv10wTrjFBSQolZAgvHF0_B7S6wUCvL05g2OE0i9EZEmUJJgoEAgAAAJtSAAAAA2gBB5kDWsZFpgXBiQiJRVd6ZW2m_b4tp1Jbjh3ebfY8hhdT9ngd3E0cMa3oKxBzByvdrx08fKeQOZTJ_R1jMVdWsrcJaXjqKXtLjC_4s-lL3OFIJOKME4qw0CmgYonCsKWHkeb4SGwGjCqaBJdniEQAsQXWkQa5R6piqlrW0pBUYk1hqXQTtdVITVP3-uUtc7HSMswd_44bMZwUwu6553ZyKZamwnwV_7ugodYuEjGFmEw4Itg309U5zNdKevTeX_6ecpwUzODCc7a0OzslyrXUG2OVfuWfo5bO1cosFOmj56ke6rVtXFktvQ4lnYTBPfD2x2B0tSDXT4OAzII5NPMOILJ975e8JGqChRbClgz7Alcrp5Bi3jBmZahnURg6biBLAl2qw96_nxpSVGY7GJqFF4UXYlHeoCvHvdV4FPilwZ8khjbxHGG7Z7720MugC4ZUJKeO79M_diVVLomTAi7zhi9RxKM_iKPnCVvzOWHtpDJSJLEOJZT2Qy2j_sNAL8FItv4JxAHKfuGKoEfibAlNz6BwT3W_k9SD_cqHPwgNsGOTn6QUiWfa48AbZ9VoyJMhKu8QPVrYUwi1xzoUKNHDCaJdDLiMy-ko9COwBhAqACnzUcFGJz7svc2CIyOnjg4k_vaBqDA8i5vP-xq2nXjZS5-GTEpvtUGL9SSlxQFc8Ku66WSPcUXERi8H9FMWvXqRl8cDNkEZhbDYVqpzVAj_IYq6jHFHyGJDBzRnOGli7UiDDwS6kglQ_QZzuiX6zWiNta2f_hbZF9vMSxNLm1YNderI4TAgrhMRxJ1NH-0m1EKFN-LF07F5YD89R5-MUH7jek7iTNplReaoZ-R4PtC1KNr75LVKqIBFmY5b1ok6goDJMTc0avNoSYqhmFlGdZr5_4li4hx-iooi2RXI9t_s-C0k3v9eE-CxRKDE2fqJfmkk-n8OtMbXWFjNYyhmtCEDWFRu2tRcj6atzVD7ne6346zK5NZA7ZwGizAxm1CfvHuIQitr1IDs7IgE35BDo52FzRiUxtH6N_oWrdEe0vbjp7xiPrDGhr0yvtpZBUpw5X4cI3o-0wyvfmPSDfxrTrZM-xRHaMgGW9mpI19-tNE74ibL_Jxq5spvDqDNue-d6xj1PC8foCEmD85HKKw0rQ
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
init
gw.geoedge.be/api/ Frame F0CA 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:54 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
SIecUtz2u-jH5YH_e4THBlF5dX4tBGAiwgLvI_jsky3j0TCV75qGNw==
x-cache
Miss from cloudfront
pixel
googleads.g.doubleclick.net/xbbe/ Frame A823 		552 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVXdWLlheGzqwhNDsKuJmkAbCvqukU_KriF9lH7A_tIBP3rw1uvc5GeZr1RzxwDBT0MPtQnF5B_D8t0JuZndjaYS-6WlXadbAWFdMDn4ADDVJoBDAUoJEFQ8feSMLL4B2OjO_Vfj8hWKEvll7xevrCjdR3Nz8u93C4Pmz3x7HcDUMmwUI4
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame F66C 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31498
x-xss-protection
0
server
cafe
etag
4296746511219988724
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F66C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DGHvqu50kUhD15_kSXhvizfFAFAN_NY34Y9cVURkawQZcxkKINBFmx2NW5CufZgnR2v0NBLRcEnavwVCv5h_cP90B4eOeqskQrt5vN3pRJKFu_sN0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F66C 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6977125126271680881&x=8&ct=77
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
755ab64c-258d-4b8f-9e87-deec43a5df22
beacon-fra2.rubiconproject.com/beacon/d/ Frame F66C 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/755ab64c-258d-4b8f-9e87-deec43a5df22?oo=0&accountId=21034&siteId=302564&zoneId=2535156&sizeId=2&e=6A1E40E384DA563B0980B2C14D85CE28F027647B0C78CCA1A1860D1C53DECE5CD41F2C5CBA830A7CC5894E66DDD34A8AFD26845D400FBB25924BC95939A744DB604C2A270951921CC43EE9CDF6DCFA4EF9BD0C60FF54E3B9ECE99E590CA72F657F71F6A31880295A57B3D6439DBA760C99A009454FE8F7436E997CB26BA6AC0E3D269919A82F2443FED46E2133348FADC58E1E3EDFFCFE57A758A794FA6F0D335C544ED260814AB6D7FC762D72EB90309235A4CDE09995BECDA10306204D320B
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::154 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:53 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame F66C 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LPAMORQB-1Q-E3VK
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
trk.js
cdn.adnxs.com/v/s/240/ Frame F66C 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Thu, 23 Nov 2023 03:22:54 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
652554
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-fra-eddf8230092-FRA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1700709774.241928,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
7, 846976
it
ams3-ib.adnxs.com/ Frame F66C 		0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fskypost.ulifestyle.com.hk%252Farticle%252F3384147%252F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&e=wqT_3QKlBfBDpQIAAAMA1gAFAQiNi_uqBhDAlYOl-5mTyj8Ykt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4vfQFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAp25XeoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMuGhM0NTgxMzcxMTc1OTE1MDE0ODQ4KgdydWJpY29uOg4yMjQ5OjUzMzc4MTk0MsAD2ATIAwDYA42RVeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBA8IABABGMoHIFooADAAOAK4BADABPL0uSLIBADaBAIIAeAEAfAEAIgFAZgFAKAF0LfC8Pq0wex6wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMke-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_aBhYKEAAJPxUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHvfQF0gcNCREnASYM2gcGCAUJ8G7gBwDqBwIIAPAHoyCKCEcKQwAAAYv6M67IP5RMz7SgysClh2n4W1ilVJl3NmueZIeplIRtPzhrz3OqPMz_8huUgSQB5Nub2sXqNE5WfN23yefMJC8QAZUIAACAP5gIAcAI6hDSCAkI____PxAAGAA.&s=898acc7011febcbc072f59a60b2a227300866e5a
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
81778dae-27c9-4331-ae18-6eb95caa5653
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
hal900029.redintelligence.net/ Frame 4B8B 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900029.redintelligence.net/viewability?s=62741700009923110115217012517029&a=06895da2&vb=m
Requested by
Host: hal900029.redintelligence.net
URL: https://hal900029.redintelligence.net/request_content.php?s=62741700009923110115217012517029&a=73ab8b0b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.99.219.174 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.174.219.99.88.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/request_content.php?s=62741700009923110115217012517029&a=73ab8b0b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:54 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 4B8B 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69427184;click=https://hal900029.redintelligence.net/c/pjvndt3os6zuy4n?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
tap.php
pixel.rubiconproject.com/ Frame A823
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_dbm
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFmbb_dfnqjGbHrJDPaEMHk&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFmbb_dfnqjGbHrJDPaEMHk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVXdWLlheGzqwhNDsKuJmkAbCvqukU_KriF9lH7A_tIBP3rw1uvc5GeZr1RzxwDBT0MPtQnF5B_D8t0JuZndjaYS-6WlXadbAWFdMDn4ADDVJoBDAUoJEFQ8feSMLL4B2OjO_Vfj8hWKEvll7xevrCjdR3Nz8u93C4Pmz3x7HcDUMmwUI4
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFmbb_dfnqjGbHrJDPaEMHk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A823
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjhkMjc1ODQyNjg0ODRiNWIyMTNkMjA4ZWRlNGJjZGIwNmVlY2IzZg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjhkMjc1ODQyNjg0ODRiNWIyMTNkMjA4ZWRlNGJjZGIwNmVlY2IzZg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVXdWLlheGzqwhNDsKuJmkAbCvqukU_KriF9lH7A_tIBP3rw1uvc5GeZr1RzxwDBT0MPtQnF5B_D8t0JuZndjaYS-6WlXadbAWFdMDn4ADDVJoBDAUoJEFQ8feSMLL4B2OjO_Vfj8hWKEvll7xevrCjdR3Nz8u93C4Pmz3x7HcDUMmwUI4
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjhkMjc1ODQyNjg0ODRiNWIyMTNkMjA4ZWRlNGJjZGIwNmVlY2IzZg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sd
us-u.openx.net/w/1.0/ Frame A823
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLl1A-nSt6aXMnAkr1qpbA&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLl1A-nSt6aXMnAkr1qpbA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVXdWLlheGzqwhNDsKuJmkAbCvqukU_KriF9lH7A_tIBP3rw1uvc5GeZr1RzxwDBT0MPtQnF5B_D8t0JuZndjaYS-6WlXadbAWFdMDn4ADDVJoBDAUoJEFQ8feSMLL4B2OjO_Vfj8hWKEvll7xevrCjdR3Nz8u93C4Pmz3x7HcDUMmwUI4
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECLl1A-nSt6aXMnAkr1qpbA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame A823 		43 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNVXdWLlheGzqwhNDsKuJmkAbCvqukU_KriF9lH7A_tIBP3rw1uvc5GeZr1RzxwDBT0MPtQnF5B_D8t0JuZndjaYS-6WlXadbAWFdMDn4ADDVJoBDAUoJEFQ8feSMLL4B2OjO_Vfj8hWKEvll7xevrCjdR3Nz8u93C4Pmz3x7HcDUMmwUI4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
track.adform.net/adfserve/ Frame 4B8B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=69427184;click=https://hal900029.redintelligence.net/c/pjvndt3os6zuy4n?tprd=;js=1;adfxid=1x;10128;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fskypost.ulifestyle.com.hk
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d3a7f90c98e8671fad20b48df345749b75e18c4deea652d1c456441e29afded1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1973
expires
-1
view
securepubads.g.doubleclick.net/pcs/ Frame F0CA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNKWfsI_6Gjy7J1IN2I_Nq1Efg1sur3WnIJkbKKkN3FRb4mubh_5BvEJj8OEii9b_6pqvmGT-KNsIbw_hv896Z0YKUoiqzEYDmFzoJzeQ2EqD6CURYMRSchc5AhrPftebOv1nqH23iniY-FDmk8cfobi-dhTcNPCjkFbJpP0oyKgA2pN5ewh8Bj6kxigW0j-JBF3fULrH9zE6aXETWHNvC9kf8WgVfd5hgwuV51OboMs-zU8_iMXgP7EKbAeWuD4cz2WILzeRdR2A54LHyTgC19NxmjafDDVyEVANTTc6T6IQoTmoT-OklnbXBeDh5gGF2G7IF9FFlas_j1I041ydG1Cmor66qUKk9329swDJav18NRsoRxtJjhJvjnuyEenY&sai=AMfl-YSe7V4BU8C8wyqMwx1FdST7VSNwyV0v8pOsMU_8OgH6dZ_Zd_1J2nlicvv48XhpKc2fLs-LNMYV5rPmeBsxDquomO74XSAfsOri0O_-E86fqOd6Y5l1r06jHvWi90Y&sig=Cg0ArKJSzNfWe58QHCreEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 03:22:54 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F66C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1274657219501&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F66C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1274657219501&version=m202309260101&ct=77&x=8&cor=6977125126271680000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame F66C 		22 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CebZRK70TZUiA2OMC_Z_HbzN0D5KRQrCHlojKPIgZFZTCJ1fKCvIYuL8I4gjmqF3_fLDjPdqFwgra05JBWoQ-FhOc-Y4HIvZOvVWveDbFavy6i03JjAq45iXBfIyIhfFC_mVoTvma1KS3ogNbKnpaw-W8x6AS-VCI84ibTIJZ9-hvIAkE&cry=1&dbm_d=AKAmf-A2OuGY287ufSsncIP3b5Lrazd8lInwJeQLtAywkf0OnZKBqCaNZ3dD6HmxFkYwZisG6J6FR_NNr4iDaCLjk0YV_H0qAT59BRXZge7eqe92mc1uoY85pQpzPSE1v0_54Z-wG8eGN-gj7jMgJatMINqrUZwZYTobTo4TkLyoi-uIx5T2lHfcoK-eyxZFuhSkTICaC7eqs6f7SoSEVrGBYAJZPvg6feP60DdZAvh0o-1aHGxHBW2gX8pM3BsJJ1_R1io5VvzX06mmgWexziAW6XK2F3E1WM1vUeGfvnvLVNp_t6cLGAeQS1AWqMdCDvlHfXx2LOCWdPteBiE-mif4NYX_4k-EiwfOiPP7rQu4VsAXEt0Ath_hYUZ0eLQoxWV513StrGMJVP9N5nfkIGy359OgLemrApt9DC--T9nZI89d8hEKuOqI0uvJqYYRWKyd_O7tBQyYAGZV5dlKDjunMQ6UydsqMjs2tXx3t6vI6p3jII_moaG4JDMkaDRGTqPsD61bG06Jpmkcrk2sIp3zVwzVQtJNNDfrt3hgY7zsa14trkG5zFVDbgbsanNJaUxxw1oCS5-9J2gVezaDRXz5YFeaUhRQXnnLCkP5JOeNG5fjy08eqEwTOhwD5kaz65KXZtRQBHkeOSJoFWV6Z8MNlCSL_jdC83TB35Ua7jWpYtXaxWyE7g-Sl9NDLz64MGmE2W4WiUqAOzVnI4I58QZLj4rzJnUpQOMEyhdaV-_FK3VR1qaNphYuJiXkgOu9lNrqPXG1oGA219lNOm8WcIid-suKAntBVLGVfARI1wWh2_y214fsEPkZ3bdyuhwa94K8x5KWFtST0m9Kqv0c_68tdLJmzMNUeGbgvxxkoUcfXComt1NcBMYyQQVReY7f4ylHeQNi6sBuVdOFLSX71fg1XPDvpN94kXRaTRudE5GMqQcOU0R8-xxEqmK-MqcXy1_cqJg8Kq2nrkrfVK72vrAlRR1EU4dYFwCENzRX7LiHvKrc3sA7dREQ2biJU_oIuxnKQll3i2rE3Nga7lnlXaxVlDskeu3m44BC58DgEHLkscJfbT3koBO-5LhjZuOl4yZ1n7IFIaCYGCD3BeCvOlzGWEP8VOhqAiZBsdaqHUArwl2IqGryMJUIMpa0Mzoiu4LVMmDs84ONofle8Ytv32itfGQ48t_m5DaQqy0lsCQ4TiiNT_mlB8ujC_SDpsnLwZUP2kwoSkMW5X66g5hA8iNeQO6teyTShW0GHkdTrxBRlvlGxXwKoS3zJodinLeCd2URP61gC5oMP5gV0xwCugoiQwLebPIp83pevbWZlHgQ3kp5ld_cSlI131pwSo7B2lt5GNojJLIozoUhsLQMbK1Ru-AkWji8t9Tw9giuFB1y8BnrHozFAhlULORQbigK0jPIv65T9VVfXNqiXYDX-LzErHwP7snbED6nyKfvFKCRSm3_v8RYxwHD1q8p4Y3aeVqX6kKrvyIx2UJMkUtPaAD2xuB8FHTzORWqgwTtnJ3xuPJUyf_nri0Kl5jVfNbDVF7PysJyke5lnGO6GnYDPmJqP5dyScsJaIveDMnJjef3VTYZN36QMYMmWSip_jeN3cIHRfO-vePeHk_TRV-lh31-zkKnbAFTINGd9Yf0pTtb38f6kkKYpp8nJhHcKcYFC4q78LQuGSkOqlNdBd-p8L72L6cD4TaS-DWiETEuy4t0clQeIOrpw_cEXNgcKjcVG3sAdHqSpwpM_n4Mil9eMHj9dgLH8noE8VRtfRymIY9L0XkC8xKYKybLeP4TagnuHREqQLvcNjFYRr0MB8BEsRHhhEum-s81jzY0V8nYr3GjRZAhBdvpYx8w-kSeNrTPplsUckb268RPJeJscq4H-cF3QBHM2AENIidWwKZULDfIXRfb3qsqFk9ucTk-XSe8kfW6--4TGovvZIEQB33HuCOJUh2-Ae_4W5rHi_tdMvHp5MhkFWVnYSVjtnIuJksoIIwQu75coMcDS-4eqFjQXHYwxozxsmYEnX_PBw4Iaf3_cTk6pvxifhpwtYWC_ePrkaWfbVYrqe4GF1sGMOMjTpPE_6UcsGJLhFHM0MfQfF6i5d0D2Za39ygJMSS6Jg_fAsx5qSxlTgUVmQEivaI3J6fqBir4a_7uyLZcuyEcowybOKB9ruEzbceDJtfTS56sXBUukAy_W4N9gY8d4RVKraX6zdAEy0K4RgIlo3zvvmNQ8jSaBuJfdHwK3bJKLbC9KklgfNftO3cqZGdOzWTKBK4caRXsmr3-jsl6A64rKYzXpI7j2_xLyjDqqR0uLa5ugvjSKqN_Z064fDf32g-dgzoFWqhhhK-6OE0PmTrqMPc2xR5gtlaVPI-wz74ROya60id_1A0Nr2r5TcbrNg-r6Gx0aWfftccfhSXXDiRmC6sHNNuYTs-5t7mv1Di8ctFlWrXzIUolw2HnUSZPPh7d1D5klDr96BpYPcWpJHhMmwO3vo60uPBO13CU4YbaAWNm9eV6cAQ-UQcBV-Sk-K_0qv5ZQm4x-PCV4ykEkUCqQbg6WdwsxMPw1_a93fn_ovPkH0hX0eZt0f22ddRMIlRXn7Oc2B8jk-nfs8fZzSqN6870578OAX6kW-rbVHEw-j0NWJAYGc0HsTkrFSBr1UJJ0GxMUJdBK2LUSNisRQG1GTmxQh8kiJfCTqUzMRNZ19F6boyu-htEz71ZRarKzpPVMNRtWZfPso-BVAyQ5sLLRpmRjI2leMrCYtX3aufoqgOkUJEbbjT940ECk34008tw07DbRYNeZjbACuZ_zlFBWn5ccfj9nDdQAqCH4oLFwFQ3mhlAWDi7pgXC6m7NeBrZ5KKq9idoNYs_p1VnRRXwekkH4AwgdHN3lcg6qmyvrCgjdpZ7pCw75KkvaPfbE0ZoR2jvjQLaAMEljfb5CWpEFoadPfQNGTbLhpwRIHly7gjBNh0oEplvQvhqEgyAvNkJawbyZH7gR4qmPg-OymWjapVQu_vpr5updqctP0dYg-NyJB947lXfswOh90XMHuYWfZOKlDaf8immmfSf_XjsNX_V_Kyl3CctWbW7FxxAwBkW6zJrxuadS5nkhn1z9TbYgMnKdUV9vGZuPAmPXE8ubocUfUogJZGkWmXxGzumfW4ebPQAwkev1Ojq0YTL-q8ah0cp5xBHw5VtHIA91P58WRYAX3N39hpDX4ksY93whmW8zvSJ8EvLv6beU3Pi8ykXM9kGLKmPdN5Gj7C87TPT3sKM0t7g0vqlm1x0u-4ZqQyBumO_IJVoO-fSoJ2Wq4mG1rhFBtFl4OLxBDLKSk7r3Zu2lAdClob5-5VhDlQ_cE6t7-GYUJ_vGre8x8yfiqX1WaL6Tz6-kCNsqs65SYZLEjWmAX7SWJSvBXo6iQ8oIfP5aRHEpvbWftZhceGCw9cFSus9SClmCKsTJzhe2XGIPaZr0ZhQJ8OTuhCIl2T6CvRtZXVForsm0FtUNLtRwNVCSoMKoXbsoDxRPyVcGk2dzb6urhi2XXa0hOjaFx8gI1eqRxQRY3IKMCnI241YZwYTn8SN-7A24umj1feZ5I820jf3XOgiHH5xSnUv0BYqT1KOLrt-kd9dtgbrajQ9HUbjB_9Ced5S2tcjckIBCTmVpuDF2_Uw8DOeXQ9lTZbClYkFaYocabOvAJpcoLhAV0wSrWa35PoTMi1UHi8wPznQzMn41zeQu1YDupvn9cou7SpA1UlmNTPkAr4ao5qVv4c_fidH8ruPs2IGTii066jZr1xjgu2ONGZEg4DvObJhpM3eXAI93LTbrfCAv418uIDXiSTsos0k8CcUB3vh5TlA9Gd_jmUIZghBG-obeIiA2rBQEZFK_p-3ECwwNWEj9C4fazLXCXLE0uJwirDWuXEbEqwmjV2ZNMeG7xgQHmMr8oiZqMUmPh2Gn1-lLTXh-WvjyfjCi-429Bbp48H6-i19YQQ_NxWJEPyZBSHRngTYqa1Efg4hsVukqqQ7&pr=8%3A2B33B2EB41D5DBD3&cid=CAQSMgDICaaNjjuMdUalcfc8bz9bJecBThw7VHTeymADAt6MJF91F4B0gFfnI7o-cH8g3EesGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dc_eid=31079495&dv3_ver=m202309260101&rfl=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F&ds=l&xdt=1&iif=1&cor=6977125126271680000&adk=3820307439&idt=62&cac=0&dtd=2
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed9a874e8b47ce191a4ad064ef65d58049f95cbb3654bc91176f87cdf08691f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14992
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 4B8B 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F66C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:54 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame F66C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
465466
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDcwOTc3NDMyOTgyNwogIHNlcnZlcl9pcDogMTc1NjE0MzM3CiAgcHJvY2Vzc19pZDogMTc3OTQxNDIzMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1MzMx...
ad.doubleclick.net/ddm/activity/ Frame F66C 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDcwOTc3NDMyOTgyNwogIHNlcnZlcl9pcDogMTc1NjE0MzM3CiAgcHJvY2Vzc19pZDogMTc3OTQxNDIzMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1MzMxNgphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vam9obnJlZWQuZml0bmVzcyIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA3OTMwODk0ODg3NTIxMjc3MjE3CmRlYnVnX2tleTogMTg5Njc0NDA4ODUyNTk4NDMxNgppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjMtMTEtMjMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMzk1MzMxNgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4MTQzNzk2NQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTUyMjcxMjA0MAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDc4MTE1MjM1NAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDUzMzc4MTk0MgogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9qb2hucmVlZC5maXRuZXNzIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0Cg
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xc644402e31637aff0000000000000000","13":"0xe261829ac40c56bf0000000000000000","14":"0xf579b5c7686e58f70000000000000000","15":"0xfa5f950e6a9e39700000000000000000"},"debug_key":"1896744088525984316","debug_reporting":true,"destination":"https://johnreed.fitness","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["13953316"]},"priority":"0","source_event_id":"7930894887521277217"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xonarohpn0t
hal9000.redintelligence.net/zone/ Frame F66C 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/6xonarohpn0t?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCaV5ejcVeZee6GunemLAP_ri3UOTgy6907aH-iPkR9i4QASC6vvAWYJWSqoKwB8gBCakCDan0aNlFsj6oAwHIA5sEqgSxAk_QJepX5Atw-xWWNo6zC1kAUmvBkasRPU83_xeyrdUjLi4pKxVLDgWKLdXQIplVyap8pwQIav6ppG2x2hNbteR7ls3hfibP_A2im-iasMA_RodtHicoxCh3gcDR5k3MfWcXCkhhkBIxSdu2UpuePAdW_XDhqp0cgjT7HzaoaCWKgRmgnkbWHoz4unu-r_JtIeOaqlM1MPTQjBLuTG0cA4yQy09yqeH52Lp-hdmTzHGdiss_ElSmjA831PAn_dXg8iJF4oy9NJ8AZMN_zhX3iVIrnbyindZatjg1d7A2-A9riVKDvmOQQCc14xnIair7rPM4A2O_8tQV651-06IEFZAcN85-9ZUImqBCNeDSwl0OCwjmFnWCHqmwMtrBhFStRm3Baq1h6bTik6oKLZHQieonwASJ0ZeIvATgBAOIBeLwnLVNkAYBoAZNgAff2oaiBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggfYmlkZGVyLXhhcGk6MzAyNTY0OjNDZGh1a3k0ZnlLa4AKBJgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOVy8kV0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNjjuMdUalcfc8bz9bJecBThw7VHTeymADAt6MJF91F4B0gFfnI7o-cH8g3EesGAE%26sig%3DAOD64_0IvEbAYo58v6sBQLCZUYMh3Mk7QQ%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-CFZQ1B6_WXwvDFaKy7b4YQ1ywFvkBy-PXkawbtUqxS7wDAmq9raTJQV9Umw4pV2N9ILnE57ma1Hz6U-sGapzyLgCxX-WbmHpVE_Kpk_QEqc6PKeuM6Md1GiZosJT9ciPfJhXu5wThz3YCpY6YeAA9z4r9UddbOuBrJ-VT-z3qgFF4ZcHc%26cry%3D1%26dbm_d%3DAKAmf-Ax3T5CDm4akZessKRaC0MGLLZ7EbhQm0XkGTRPo9JAGbMLrq1YeNpLl07xawDGEo-2HxV8WsLewTsCwTPasHCHtznKPBms6ddjJV-Aa4eUeT2nqAYU-YM1PJpUEt_iAyDhCRY5V9oqDTPn-NDQ66BfmyYz3O82MXmhYXpIAGPf4VkIk3_XnG22Ha0SYQYTbrigAhc8kRSucl2rllEe4-7ai2i5sTR0X0WxMp9qLDTwqiK98-SDk19FFXY9E_nf-7t_UD5KNBChTPNcTgjmouR5OLqauiTzMYLOdgvR17TO6HZBoAvd-8f-MCTtWIGX7tPqAaeLJcCa_NIyf08mCxUOD20HwhhAyECHuoEMGFnB0KvbwbATzedCvQxE3VjCs03bBlSxTPxLFBP511OKlD0Xw08R5YP5kj-Ul3o4lmpysQH9SRm0o4YEweo-tim7KNZRCrNIGejTBnoV3FgKWRaEhxf_QnALYJznMY1QNSxjw_mmLD7mJxHPcoXn1Fl9iY2cA-Rn386w4Mqq9OkqRm9XoIYc6mgMCZX-d71ynO7DU4OVz1RmuNSTvRWD0hNwri1CCgYsGqp1bnq58ClZ0Yu_t6zHig%26adurl%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
7935c83a94610a08661ea3542a9e2e53eda077b11a16a262fd08cd1ffccb3f0b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:54 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4257
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 4B8B 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame C67F 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
368589
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900021.redintelligence.net/ Frame F66C 		611 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request.php?zone=6xonarohpn0t&nw=20&renderingType=javascript&namespace=a7e90d29ed&subid=&uid=6d2b162bc1091f8e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCaV5ejcVeZee6GunemLAP_ri3UOTgy6907aH-iPkR9i4QASC6vvAWYJWSqoKwB8gBCakCDan0aNlFsj6oAwHIA5sEqgSxAk_QJepX5Atw-xWWNo6zC1kAUmvBkasRPU83_xeyrdUjLi4pKxVLDgWKLdXQIplVyap8pwQIav6ppG2x2hNbteR7ls3hfibP_A2im-iasMA_RodtHicoxCh3gcDR5k3MfWcXCkhhkBIxSdu2UpuePAdW_XDhqp0cgjT7HzaoaCWKgRmgnkbWHoz4unu-r_JtIeOaqlM1MPTQjBLuTG0cA4yQy09yqeH52Lp-hdmTzHGdiss_ElSmjA831PAn_dXg8iJF4oy9NJ8AZMN_zhX3iVIrnbyindZatjg1d7A2-A9riVKDvmOQQCc14xnIair7rPM4A2O_8tQV651-06IEFZAcN85-9ZUImqBCNeDSwl0OCwjmFnWCHqmwMtrBhFStRm3Baq1h6bTik6oKLZHQieonwASJ0ZeIvATgBAOIBeLwnLVNkAYBoAZNgAff2oaiBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggfYmlkZGVyLXhhcGk6MzAyNTY0OjNDZGh1a3k0ZnlLa4AKBJgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkRFsBOVy8kV0BMA2BMD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNjjuMdUalcfc8bz9bJecBThw7VHTeymADAt6MJF91F4B0gFfnI7o-cH8g3EesGAE%26sig%3DAOD64_0IvEbAYo58v6sBQLCZUYMh3Mk7QQ%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-CFZQ1B6_WXwvDFaKy7b4YQ1ywFvkBy-PXkawbtUqxS7wDAmq9raTJQV9Umw4pV2N9ILnE57ma1Hz6U-sGapzyLgCxX-WbmHpVE_Kpk_QEqc6PKeuM6Md1GiZosJT9ciPfJhXu5wThz3YCpY6YeAA9z4r9UddbOuBrJ-VT-z3qgFF4ZcHc%26cry%3D1%26dbm_d%3DAKAmf-Ax3T5CDm4akZessKRaC0MGLLZ7EbhQm0XkGTRPo9JAGbMLrq1YeNpLl07xawDGEo-2HxV8WsLewTsCwTPasHCHtznKPBms6ddjJV-Aa4eUeT2nqAYU-YM1PJpUEt_iAyDhCRY5V9oqDTPn-NDQ66BfmyYz3O82MXmhYXpIAGPf4VkIk3_XnG22Ha0SYQYTbrigAhc8kRSucl2rllEe4-7ai2i5sTR0X0WxMp9qLDTwqiK98-SDk19FFXY9E_nf-7t_UD5KNBChTPNcTgjmouR5OLqauiTzMYLOdgvR17TO6HZBoAvd-8f-MCTtWIGX7tPqAaeLJcCa_NIyf08mCxUOD20HwhhAyECHuoEMGFnB0KvbwbATzedCvQxE3VjCs03bBlSxTPxLFBP511OKlD0Xw08R5YP5kj-Ul3o4lmpysQH9SRm0o4YEweo-tim7KNZRCrNIGejTBnoV3FgKWRaEhxf_QnALYJznMY1QNSxjw_mmLD7mJxHPcoXn1Fl9iY2cA-Rn386w4Mqq9OkqRm9XoIYc6mgMCZX-d71ynO7DU4OVz1RmuNSTvRWD0hNwri1CCgYsGqp1bnq58ClZ0Yu_t6zHig%26adurl%3D&documentReferer=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fskypost.ulifestyle.com.hk&random=997102794844&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
0dc263d082aeb5d24a27f0aa073bdcbe4c53447206b651e9f157cc550520cdd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:54 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
28959000007914310115215012517021
Connection
close
Content-Length
329
Expires
Thu, 23 Nov 2023 03:22:54 +0100
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC25 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3977232963893&version=m202309260101&ct=77&x=8&cor=16165708509777740000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame C67F 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
100886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
/
track.adform.net/csimpr/ Frame 4B8B 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=69427184&csi=r_2vhpGIRF49WnqtiBFx5msywfn_8hAs6qz3ddpFjcgJDwKV3Zer3GSlJSGhwD2_OZtic5WWWWrw-Dt0SassEt6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900029.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900029.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
13883522.js
s1.adform.net/Banners/Elements/Files/169192/13883522/ Frame A009 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/13883522.js?ADFassetID=13883522&bv=258
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
71fc7a9e6cfbe62e1e13cef84f6a3da37d124b5b288b5004325661bb4196ddf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000005812e3359fbbb08c-00655712cd-3295cc06-default
etag
W/"a39653037c67c04df02058d36eb5b0ed"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
screen.css
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		2 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1d1291048a328ae3397677304ea025819c3e555cf5d4bf9fd09d6937515468ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx00000b43be12e3d8ca901-00655712cd-3295f919-default
etag
W/"e888adb8579084ab17f9a96e92a9a2e7"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame A009 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 08:14:37 GMT
server
nginx
x-amz-request-id
tx000003200605ea56ced66-00655c671a-32959ea8-default
etag
W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		183 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1ea1bea920eff31ce7a0b188ed36f593ac1a6c4204b715cf3f788da4837ee8ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx00000acc379257781f3bd-00655712cd-32959ea8-default
etag
"c926f04900f0228cb7483b30965c72b5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
183
disclaimer.png
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b09e392e6dbf849518e28b0fc0cd8e57b80d3b80a4702597d7214a90f94784fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx00000677ef29be0d965d9-00655712cd-3295f919-default
etag
"d5f6aa9b1f68716b1b9ad627e6e613d0"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2754
text1.png
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06c892a75aec057a1be47de0096ffd1c92f8333770440f6d956842d936952bf8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx00000f7e9e9dedc4e87e4-00655712cd-329558a4-default
etag
"209b60427a402823df8a2622fb135d74"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2988
text2.png
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
698d5df68d6a11f141e23862c8ca6da810e401d3084441ab5a662a1077725daf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx00000416e71336ddb1b73-00655712cd-32959ea8-default
etag
"8449545750e6394bf8412a7db24a7f0d"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3664
text3.png
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/text3.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1d2686d2f2f97b8b72e5b7557cf090bafb1a214ea40dcb23e3f5f168cb7394e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000006257071d75cd927e-00655712cd-3295f919-default
etag
"c2b3f4a385ef88ce38538a8263b6325c"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1103
logo.png
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
625a9658a316b6dbba0c0c403181aeaff4e3b7ee48309f50a88f9445ab09d02e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000005b28c6883762a10f-00655712cd-32959ea8-default
etag
"56ac6fd4a3f31e6ae2aebd1c38cbac3c"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2011
logoend.png
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/logoend.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
086691700a9c65149e633342fc9492e9a3ac65e68244f050d296c8cd1004cda9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000008bf19cf017288876-00655712cd-32959e94-default
etag
"e30be42f293e4541e550d125e9df7c1a"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1479
date.png
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d46491a15a9c3b82a70c1f7d90ddb72da09ce6a1eb29e22530e81f08a9d55320

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx0000005bdb1db3ad8c1d7-00655712cd-32959e94-default
etag
"c965dee7a0882a227e50e76c14c4ddb5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2391
model.jpg
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
36abcc22b21374ae58cb45bf18c9836e2b680d63424d4eabfebcd255c7db9822

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx0000035f8b38eddc6cefe-00655712cd-32959ea8-default
etag
"137e0f8716b95df6e6852ff8765adc69"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
49918
studio.jpg
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/studio.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c459aba722553c161b36ae97e149e3c1935d4a989a80cd9fd98b2b9419ab4696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000002162172758344bcf-00655712cd-3295f919-default
etag
"274b3e4beb44a1438b3c0b9b951bdc68"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
49488
background.png
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		153 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/background.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
660dc0188eace48376ad5612eaddd6e8767dcfa7c718763a9bbea64240c4c6b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx0000093e5a3d14337f24e-00655712cd-329552a5-default
etag
"f9f129d1348715c62fe58562621a50dd"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
153
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame A009 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
935290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qlbLOP9zbAFLDrXlNxy3vZjcRN3TK%2B8KmWa7nonvi4ImKpZiz%2BCRP3Qvn5lbZa2%2FWap98ZrHv%2FPFvMXtY74KOvZc%2F0ZZuaKOwTsDLPl6CeQZkHwE2JEH7IsYIn3lY44Q1HVctfu0yzo4g3eCmkB0D1Wj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a5ace55914d-FRA
expires
Tue, 12 Nov 2024 03:22:54 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame A009 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1045433
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AGFwSEM0WjYn%2B8SOKfZQ2vVRegsQrSGi7Hj4qWgIVZVpTgcr2hgzoCsE1n9Vb%2FlnCWwBMZE6wtniJLbnnaG2gQ1SlkpaO89O7zywRZ107JjNSHa8d7VtmJRo1usKPAncUOkmnA1k7cCWRY4d%2BuxEhnAS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a5ace56914d-FRA
expires
Tue, 12 Nov 2024 03:22:54 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame A009 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1029897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BWl30EHW95JaZj%2Bl12TTMEYHNcItW1ZlhXTB%2F2NGtmkVplqY%2BDCOblmzpHMoXdp6Q8T%2Fgj9uVyrKgckIMYQSUDBt%2FgGuN%2BUFqGysGVXZzTCu%2BBZekY9EbTIOUIyjZHmHOIeu2htp438yMuuqo2Dza21"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a5ace58914d-FRA
expires
Tue, 12 Nov 2024 03:22:54 GMT
script.js
s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/ Frame A009 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883522/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
9489e5f11a42e488563cf12b61d78263103700eb19080b97128e49e214b90090

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900029.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000009801d2cc5f67fc13-00655712cd-32959e94-default
etag
W/"b9fd51f654d012f120d61a095426dd0b"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3272521849198029&correlator=446891212526439&eid=31079668%2C31079673%2C31079657%2C44807410%2C31079525&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=21751243814%3A183518426%2C222913-728-90-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x90&fluid=height&ifi=11&didk=4118654607&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Dd99d1b6563fc9bfc%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MYDU_TML-Ek6t8eK8e6Boe8HJL4LQ&gpic=UID%3D00000cd89979a03b%3AT%3D1700709770%3ART%3D1700709770%3AS%3DALNI_MaarDuukHbRQr1v6TQrHobzRdUQBg&abxe=1&dt=1700709774543&lmt=1700709774&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&psts=AOrYGskMurQZiChUeTXsXh-SFSzrONJ3RjSjnc7GLRQxWAwJiWsCgc-4pI1VV9ZEgURZ0RLKEoOF4j4NJ8OVJq5xYkRvMglf3zw%2CAOrYGskIS98r6q_N0WnShcbl_cfM_LGqTBQzRygQN1t_-k-DcZ9PLRp4VQ4AECOAgiOR2ErBFrLo14qipIyRhLSZHj6dFidG_L4%2CAOrYGslldlkQ5OpsRDd-ToKdPaW5AyiaC2gouwZQZ_Npc3DatLad8R1HvRuDrLmr_el6m1BHO1nQOcxtx3GT2-JjsEDZLOnpER0%2CAOrYGsniXELM-S4Z8N5spl5ZXJBvuYAaAvAhZ3g6DkwlF9EYX0tLOzEgCy5LBxqYbGphCfiTrkQML63vwKwJ2t6759Sg5tv8HXs&ga_vid=95362296.1700709770&ga_sid=1700709770&ga_hid=1231077867&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0MjO0b8xSABSAghkEhkKCnB1YmNpZC5vcmcY-MjO0b8xSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGM_IztG_MUgAUgIIZBI-CgVvcGVueBIsZXlKcElqb2lSalJ1TjB3M05URlRTbUZ0YVZweFYwbzNjbmd4VVQwOUluMD0YtcvO0b8xSAASGQoKdWlkYXBpLmNvbRjQyM7RvzFIAFICCGQSGwoMaWQ1LXN5bmMuY29tGNjJztG_MUgAUgIIag..&dlt=1700709768198&idt=2089&prev_scp=adunit%3Dlightboxdfp%26prebidtrue%3D0%26hb_width%3D728%26hb_height%3D90%26active%3D1%26andbeyondhijack%3D0%26andbeyondunfilled%3D1%26visible%3D0%26refresh1%3D1%26activevisible%3D1%26refreshtype%3Dnone%26amznbid%3D2%26amznp%3D2%26adl_dis%3D-1%26hb_format_criteointl%3Damp%26hb_size_criteointl%3D728x90%26hb_pb_criteointl%3D0.09%26hb_adid_criteointl%3D230e7f91197e251b%26hb_bidder_criteointl%3Dcriteointl%26hb_format_adtelligen%3Damp%26hb_size_adtelligent%3D728x90%26hb_pb_adtelligent%3D0.07%26hb_adid_adtelligent%3D244d7b73f37df1cd%26hb_bidder_adtelligen%3Dadtelligent%26hb_format_projectago%3Damp%26hb_size_projectagora%3D728x90%26hb_pb_projectagora%3D0.18%26hb_adid_projectagora%3D2457832c91be84f%26hb_bidder_projectago%3Dprojectagora%26hb_format_abmxandr%3Damp%26hb_size_abmxandr%3D728x90%26hb_pb_abmxandr%3D0.02%26hb_adid_abmxandr%3D2334c05df1a8b941%26hb_bidder_abmxandr%3Dabmxandr%26hb_format_oftmedia%3Damp%26hb_size_oftmedia%3D728x90%26hb_pb_oftmedia%3D0.02%26hb_adid_oftmedia%3D2397a34db6554d93%26hb_bidder_oftmedia%3Doftmedia%26hb_format_adpone%3Dbanner%26hb_size_adpone%3D728x90%26hb_pb_adpone%3D0.05%26hb_adid_adpone%3D2298865a1003b399%26hb_bidder_adpone%3Dadpone%26hb_size%3D728x90%26hb_format%3Damp%26hb_pb%3D0.18%26rtb_pb%3D0.18%26hb_adid%3D2457832c91be84f%26hb_bidder%3Dprojectagora&cust_params=adl_ip%3Dadloox-dc%26adl_ok%3D1%26prebidtrue%3D0&adks=1469548094&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js?cb=31079657
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
221486151b152d32029a30f831ee232e832e37bf800e185c09d329a11877f354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13020
x-xss-protection
0
google-lineitem-id
5017564534
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138266010559
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
request_content.php
hal900021.redintelligence.net/ Frame 9C71 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/request_content.php?s=28959000007914310115215012517021&a=75cc0569
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e841e017de0b064cb9e6aeb8b441052b38bad5a8ea76059de0a63c178ee5b956

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2289
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 03:22:54 GMT
Expires
Thu, 23 Nov 2023 03:22:54 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame D550 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 03:22:54 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame A45A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
67509
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 03:22:54 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
453, 390424
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230112-FRA
X-Timer
S1700709775.578236,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame F66C 		0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&e=wqT_3QL0BPBDdAIAAAMA1gAFAQiNi_uqBhDAlYOl-5mTyj8Ykt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4vfQFgAEBigEDVVNEkgUG9D4BmAHYBaABWqgBAbABALgBAMABBcgBAtABANgBAOABAPABANgC6hDgAp25XeoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDjZFV4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzM6gEALIEDwgAEAEYygcgWigAMAA4ArgEAMAE8vS5IsgEANoEAggB4AQA8AQAiAUBmAUAoAXQt8Lw-rTB7HrABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWkyR76BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9oGFgoQAAAAAAVBDQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAe99AXSBw0JDSUFJgzaBwYIBQnwa-AHAOoHAggA8AejIIoIRwpDAAABi_ozrsg_lEzPtKDKwKWHafhbWKVUmXc2a55kh6mUhG0_OGvPc6o8zP_yG5SBJAHk25vaxeo0TlZ83bfJ58wkLxABlQgAAIA_mAgBwAjqENIIBggAEAAYAA..&s=73134fad2452608f03d997ff6a54a5a66927362d&bdref=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
66a3ab57-2775-4df6-8dd1-df4a4a04b2ff
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame D550 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:54 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64186
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:40 GMT
async_usersync
ib.adnxs.com/ Frame A45A 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=2725&pub_id=2192392&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
dae3e494-a898-4f9a-8da3-093101cf62ac
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.6.2/ Frame 9C71 		89 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.6.2/jquery.min.js
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28959000007914310115215012517021&a=75cc0569
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 15:07:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44141
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 15:07:13 GMT
/
track.adform.net/adfscript/ Frame 9C71 		727 B
962 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=69427189;click=https://hal900021.redintelligence.net/c/poisvan6xaosm6x?tprd=
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28959000007914310115215012517021&a=75cc0569
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f46fcb084eab72269483b74e8a2fc1738936373909c6c31774c5cdaf90fa6f7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
525
expires
-1
khaos.json
token.rubiconproject.com/ Frame D550 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
init
gw.geoedge.be/api/ Frame F66C 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:54 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
yRDIeARdKvffQWmi32lsW6wrDc8jn9EOugYrkFGqNNXqFBE4S3UE2w==
x-cache
Miss from cloudfront
vevent
ams3-ib.adnxs.com/ Frame F66C 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&e=wqT_3QKlBfBDpQIAAAMA1gAFAQiNi_uqBhDAlYOl-5mTyj8Ykt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4vfQFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAp25XeoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMuGhM0NTgxMzcxMTc1OTE1MDE0ODQ4KgdydWJpY29uOg4yMjQ5OjUzMzc4MTk0MsAD2ATIAwDYA42RVeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBA8IABABGMoHIFooADAAOAK4BADABPL0uSLIBADaBAIIAeAEAfAEAIgFAZgFAKAF0LfC8Pq0wex6wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMke-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_aBhYKEAAJPxUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHvfQF0gcNCREnASYM2gcGCAUJ8G7gBwDqBwIIAPAHoyCKCEcKQwAAAYv6M67IP5RMz7SgysClh2n4W1ilVJl3NmueZIeplIRtPzhrz3OqPMz_8huUgSQB5Nub2sXqNE5WfN23yefMJC8QAZUIAACAP5gIAcAI6hDSCAkI____PxAAGAA.&s=898acc7011febcbc072f59a60b2a227300866e5a&type=nv&nvt=5&jm=1003&px=0&py=0&bw=728&bh=90&sid=5073649821559241344&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27175875&sw=1600&sh=1200&pw=728&ph=94&ww=728&wh=90&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
e46c5907-950a-4a81-913a-42a86e57dcf2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
hal900021.redintelligence.net/ Frame 9C71 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/viewability?s=28959000007914310115215012517021&a=ba3891e9&vb=m
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28959000007914310115215012517021&a=75cc0569
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/request_content.php?s=28959000007914310115215012517021&a=75cc0569
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:54 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 9C71 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69427189;click=https://hal900021.redintelligence.net/c/poisvan6xaosm6x?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C67F 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Br0tojsVeZeOQFIHT3gPZ6b7QBgAAAAA4AeAEAg&bg=!39yl3JPNAAZxrfrxUa07ADQBe5WfON1IW4oQPzLFd_6nJSSiglLdWoiWS88ahX7okhfX8IGJ6wGah9jHZffswzV-O3P-AgAAAJFSAAAAAmgBB5kDVzOxomRTuzva0mqozsLCyUiRNMtocJpKL4XK4RQEiz2XKWivwUnKtP2fgsFKVHF2P--iioonciW9XOvv3Xz-h91Bk2cfSDXCKK-1ewJDQi1kzkP11yVHpAZM7vPqYt2fhdFqCBLmvuV4vDFJzhj9_WchwoZF2wVS9bt_-JkqcbTc-BDsoGr8-LFW6StXHU7zGJYRr05Gxn3lz9k3K9JEBf3hhYDPBobxJg-znoYP_G9BG4oDKqeISigcHdR3cqWwtaIie-tK1xOjPPKbthzYAV9eHeIsEzkFZLxr9E_OtjsmQ4sXNxQ-Ls5Bev-8XV2s8aew0ga90NzxWYAHRmVzXiG9f-k2eitFouanwIlXP2mvZItJDffffyfwSdBTlGzoKsQ6LidQLdGE0YrhrSY1R-gr3j2-E2WSDB2Y-HlxfhaWn8wFOFHhc_OfdJ8ahIhqrYvk8hx-GrC9VridAg2YJ0znLn5hLyiUZG3ZlvRECiokmbmtYusBvo5YQveH9MV7iywC-a8FrRZprCleSBAc4X61xRIgzvS6TJR-J_nXlcNudvt7rsadSD9EMbe6e7f68aFrbmPuF1wp4L8dmKKFEnsLAbigTqQn_m1rPkjI9YdIKDkyWBVoazkF7oHJq86F90gj9nzNZcxFKSxpJIbknedRjHxhpXQ4Eqp6McTkZFBiQTe05NLXuSQMP7tg4e9xoBxVBQmlqW6loYzkBZrXMwriGNU8mdN9za97BU5dsWS9FDD2rtoqTz0kM-j6F0T5qzOKS8hQX4CoJTTcQ-XUNk123_rs8fta8i0hlrHBA9YJom7j2DT-CyNWU0NflrL_HIL9wMNvX1bhJ4gN6L-11HMobIN7GHjXSpmtfumGtAV1PyFJO9WUrygRxe7XywWRTsxaCTXtiQ2qjWL0ggxwT5HfShpPbNXRNKLPb5S_CGQqv5U6cQT-vEy6He6YCI3v92TNj_d433yeXQeN9DecKqNU_NdRS-ELP7s52nq1hT54XOkRlPyD05kQeewsVwso38Ft6AmdEwEj8i80zdJfrrd5S7ZZ7narPcjL31Xz6QCZ4zzD9dgwaQ4XJSK6JFqk0Ed2D-2KwTHUr8tnqWJZ82y9KXZuxp9k0JxpDntfk0UsqsE1DPM2eQ
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 9C71 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=69427189;click=https://hal900021.redintelligence.net/c/poisvan6xaosm6x?tprd=;js=1;adfxid=2x;7449;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fskypost.ulifestyle.com.hk
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f7b95b66cf6a110f6182b6df6de99195e5af09f40bc04913aacad1679f4af4ae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1982
expires
-1
truncated
/ Frame 9C71 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 9C71 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
container.html
2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CF2F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:50 GMT
expires
Fri, 22 Nov 2024 03:22:50 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
track.adform.net/csimpr/ Frame 9C71 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=69427189&csi=DZRy65L4QwI-hq2-AMbL0noJtBf7KXZReo977v8gpRoJDwKV3Zer3GSlJSGhwD2_hmd8J4QV2zRmKQeyP8uIc96vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900021.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900021.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
13883586.js
s1.adform.net/Banners/Elements/Files/169192/13883586/ Frame 5405 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/13883586.js?ADFassetID=13883586&bv=258
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d325bb803508ac6f1621fb0c146c3335fc21955f1cec21dd275d09082a31c40b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:05:49 GMT
server
nginx
x-amz-request-id
tx00000ec62dc986b799230-006557130f-329558a4-default
etag
W/"6b2947fca138ab4e7b05caaf3f7f9f74"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
grumi.js
rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/ Frame CF2F 		596 KB
171 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f7a97ee90e3bf0d416db4ef3985282a52d6b13b41d8b0d89a22f4baef188198

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:52 GMT
x-amz-version-id
0JQDHGo3POVU8V3JnG0OKnZc_UxWgL_n
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:37 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"9c5082ded7990ce8b1325b69f7892c1a"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
2
x-amz-cf-id
laU_wv_xsZ-FaiEfMMDKkHyE82TU0H9KchHVndx4sT4i4iCkOrI5jg==
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CF2F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
533156
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
creative.js
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame CF2F 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4245
x-jsd-version
1.16.0
content-encoding
br
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230128-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hknsu8IPZKk8SYNKvB2Cbnw6TPuFuzJwD0aKbsV5jOg%2FSbAy31Q%2FJvrY3ncbLj%2FfDWSc4SqyP9Cp3QXTR4rgK5j3FayY5gYLWS1b2KYHtFs0Kz5F1unquOI2GTjQjpAC50v8fpe2dS1XJH5ud5c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82a64a5d0ebb9247-FRA
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CF2F 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:54 GMT
screen.css
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		1 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
13320bdfeae996f2492e02fb11715081b75a38637294875407b3e761a763ddb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:05:50 GMT
server
nginx
x-amz-request-id
tx00000049e1777bbb5356d-006557130f-329552a5-default
etag
W/"2adec2f1a53f84af8e31966b37a7996e"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 5405 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 08:14:37 GMT
server
nginx
x-amz-request-id
tx000003200605ea56ced66-00655c671a-32959ea8-default
etag
W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		183 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1ea1bea920eff31ce7a0b188ed36f593ac1a6c4204b715cf3f788da4837ee8ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:49 GMT
server
nginx
x-amz-request-id
tx00000b3e6d2ab9e896dcb-006557130f-32959e94-default
etag
"c926f04900f0228cb7483b30965c72b5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
183
disclaimer.png
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b3221920f17047d3fc1c2035662aafe25cf33cf7a53539b662e1600e26389b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:49 GMT
server
nginx
x-amz-request-id
tx00000801224edce26840f-006557130f-3295f919-default
etag
"c876008ac86080df79e242e143b5c254"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1827
text1.png
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
79e51a1ddd6f26c846b07d8656529a95763214ff2c146a64c28ff06f37d8f9e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:50 GMT
server
nginx
x-amz-request-id
tx0000082e06665294599fb-006557130f-3295cc06-default
etag
"0cc17964bfe7c7c7e796b31129d21450"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6339
text2.png
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b845429178a6769ad9ee3d87c76e68c56751c5abbb6f9ddea34233f15ec8e2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:50 GMT
server
nginx
x-amz-request-id
tx000005c6c4f3ea3dd8a9c-006557130f-32959e94-default
etag
"3021cc843ecb1304d47efe39c9085e3e"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3383
text3.png
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/text3.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
446a667f4198c81a4cef67504a1681bb0e0bba3548b009cbe2a905486f9da736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:50 GMT
server
nginx
x-amz-request-id
tx0000006ec7d0a04588ba4-006557130f-329552a5-default
etag
"fdd1b8e51836e94b14344af5bd2ff94d"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1259
logo.png
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f2d3b6a2a3445d6a847875ff4602632662c1f1bd34701c0a01af69df665caca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:50 GMT
server
nginx
x-amz-request-id
tx000005fc60383030ab759-006557130f-3295f919-default
etag
"d439d597d40b2ef2b5d132d67d0665f7"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2109
logoend.png
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/logoend.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bb8c30d641cd7cbab0e6c70438976aec979c05d438ecbd82586b06b2c9479fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:50 GMT
server
nginx
x-amz-request-id
tx0000045f0e56a7d091e9f-006557130f-329552a5-default
etag
"1b6c18a42dec179f75b9726f0b62db0f"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1685
date.png
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
add3859e90da4199720a3123a57042750d07f825d0330887a8b85fb262a12089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:49 GMT
server
nginx
x-amz-request-id
tx00000cbe95371d728d69a-006557130f-3295f919-default
etag
"ac9b9bdf2710d16033ba2e2a17a5d19b"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2177
model.jpg
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
289b2fe8a78f869951e8b5208875d4b3608d09113490e99fe3353312a96493ba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:50 GMT
server
nginx
x-amz-request-id
tx00000e4e91f7ef684d4a6-006557130f-3295cc06-default
etag
"562d436176d02e1c4bcc41e01c2d8fda"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
49823
studio.jpg
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/studio.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
62ba91bcbf4403efc35deb4443450ce793518486661f628c3260bb29d5d3444b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:50 GMT
server
nginx
x-amz-request-id
tx000002227e1f44827d2dc-006557130f-3295f919-default
etag
"d6e8bddea96a16549637601330e45dd7"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
49483
background.png
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		148 B
477 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/background.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a8be383cbb1a472f684d4f64314933807dc81f7263aac886ae651b67fbff109d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
last-modified
Tue, 07 Nov 2023 10:05:49 GMT
server
nginx
x-amz-request-id
tx0000005320a311bae4c24-006557130f-3295cc06-default
etag
"b2920d38504bc83680613909b4a7e380"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
148
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame 5405 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1036211
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1kVkef8oob3Z5IFu%2B5Yd9d5Z%2BNEu3tHkGTac5aV11uCJ40uUA4j4TNHuKP2hPHAxoILDQNpRRPj7ezYfcr8nHJkcwR6mPaKfQCcjk%2B%2FFX6cNqRNG7y6qGEnxS3hBLCumwx59ONR0Y%2B6ys3Jy9xox4D8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a5d1f5b3667-FRA
expires
Tue, 12 Nov 2024 03:22:54 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame 5405 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
867889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dkUI8ShCdCUdQud2SOoex6XE6vuOsU7%2FBgjlFLoIZKcYFLYKpQWzmlMsZouRyYc6ZDxpGA%2F6TUdQcm4XrxMPvf1Gn2UqqP%2B2BHQHX1MYnGjoT46D%2BocQ4HhGY54frLbpc0AKP0cQb4vrrRe0iNrH641b"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a5d1f5c3667-FRA
expires
Tue, 12 Nov 2024 03:22:54 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame 5405 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
859899
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X2YpoNxVeIjE5QkntgsAYhK06pRfzOvQz70FyIZCib5%2FP0DzuJEifOKVZVsUwWv6uNvFpeUyidIdpuVBm8U3diPDRRCYG44YzFFstbsWWknUlfS2XkN1Cs2PuTzJkyaQ8QsLJ%2FsA3VRGR89P1gPr2wYH"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a5d1f5d3667-FRA
expires
Tue, 12 Nov 2024 03:22:54 GMT
script.js
s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/ Frame 5405 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883586/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2967727053e62e755b40702f3825e45e7856ac6438e088ef984344e22044936b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:05:50 GMT
server
nginx
x-amz-request-id
tx00000fe8c92e983d3cb3b-006557130f-3295cc06-default
etag
W/"91331674dfe1ca19501ea729f5fcea60"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
view
securepubads.g.doubleclick.net/pcs/ Frame CF2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUjBRKTKe10DRn0azLuG93qB2ctFvB906AD3eusjLT6NDUCTBzaoVY8B3JKUqSNS8dm8qowRNDRVYwyf9auV2B5nmbaIFHufesZ7J6vb9pua70lvTmZqETQ99tMDje6WSNoNJaHzt1XhT1dTq8XYKOueR5vixcHIpT1FbxcYfCYhq1avaQD1ef115M10b56pRszwBrC3ZQ-ONzo2mSHTzpWwzDLHM5JFT0q8grhl36EuFakK86gnOAUUcRcHywQ64-x7JuYyVurtFzGCh1G4HfJI5_ynd1rxBhxYTMfwVr62qYsoXgp493VhLHgfGEBNioCH8dYq4073zwyWOnfY1VkwXX--ysgbiT8f5SrZRGMuaQvj7W-kF4qocnnFf5&sai=AMfl-YQGuatNtaWVKj_T-7bZezzxUhMG20kQAaJeT5Ud19Lwpqaw8zB8nk3W778UTL01GovwJ5YwL_XQqelywEZ7VngdlSyI7ySHLR3A9GcanPcpt-oW9CQCLtgh2bvW5B4&sig=Cg0ArKJSzKLZD8YTqxT9EAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
grumi.js
rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/ Frame CFE2 		218 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:9a00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
871ca577af93c4d834f8b2994a59ba092b267b5b5a1ed3f62598be4c010dee1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:20 GMT
x-amz-version-id
PPUsbnOFOz0w173jUyxKcyjfOa4niqGt
content-encoding
br
last-modified
Thu, 23 Nov 2023 02:55:43 GMT
server
AmazonS3
via
1.1 fa87f2173bfe5d35fd73cec71ab12a32.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
etag
W/"13ed0fce3b06b930a61ca71902ee1d79"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public,max-age=3600,stale-while-revalidate=3600,immutable,must-revalidate
age
35
x-amz-cf-id
6dzLJcppY92uj8Knoce0MN-2BTCdIhkbK2LPm4l-9AdP134GCw5RYg==
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5D0D 		676 B
287 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNX0t_P925DjrQVSduGBR5nWH2R0nNrqac_ZUGf7VJAYDxuwfw7-DRCRl6LGLlAWuTAGyfV3Raf99d4oMqWni7LMpKMtmId0Aj6Si1fyqh9u7avLskAjsqpYv7-LSuYUEVnL02wncriuEhXwNOsMFWe-K7PiNVw4aKTnuaznDkh8XMwDG8U
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
267
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CFE2 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFE2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CCcV0t818bykbxSVLa6vkHgA5HOaAgG2m1q5u7rDqIJFGzrRRaH_lGefYB78G1EpcNbOsniLqk_8Lsck0tSEE37YUMHfY6K7_-IPA4bKvB-qHmgqk
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFE2 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=14431015755630711412&x=8&ct=77
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
44d08295-b2f6-442a-b264-ff7785835b4f
beacon-fra2.rubiconproject.com/beacon/d/ Frame CFE2 		43 B
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/44d08295-b2f6-442a-b264-ff7785835b4f?oo=0&accountId=21034&siteId=302564&zoneId=2535156&sizeId=2&e=6A1E40E384DA563BB41F0FD6C0B7788DB7D332F8C186219A6736F66B4F38BC72B62C40ED539DEBBCB7E3B39DBA7C855517A3FC8B7AEE0193901F981DC9C13DA2604C2A270951921CC43EE9CDF6DCFA4EF9BD0C60FF54E3B9ECE99E590CA72F65F19587EC429FCB5377F884F8B414C85E4B04ACC5A201731DD71583AB1F712C24A361EDDC5148CC9B094BAC657C95FB932A502FFB213E04007D35700CEEA1C453848DB5609BD7B148CE26ED760883864A2D3D1DB452394544
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::154 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/avif
cache-control
private, max-age=0, no-cache
content-length
43
x-xss-protection
1; mode=block
expires
01 Jan 1970 10:00:00 GMT
register
token.rubiconproject.com/ Frame CFE2 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/register?khaos=LPAMORQP-1U-HJ1C
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
trk.js
cdn.adnxs.com/v/s/240/ Frame CFE2 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Thu, 23 Nov 2023 03:22:54 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
652555
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-fra-eddf8230092-FRA
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1700709775.990562,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
7, 846977
it
ams3-ib.adnxs.com/ Frame CFE2 		0
649 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fskypost.ulifestyle.com.hk%252Farticle%252F3384147%252F%25E9%25A6%2599%25E6%25B8%25AF%25E7%258F%258A%25E7%2591%259A&e=wqT_3QKlBfBDpQIAAAMA1gAFAQiNi_uqBhCf1Yb0q6TH6jUYkt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt44PYFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAr6DXuoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMuGhMzODc5MDM4Njg5MTExODEyNzY3KgdydWJpY29uOg4yMjQ5OjUzMzc4MTk0MsAD2ATIAwDYA42RVeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABPL0uSLIBADaBAIIAeAEAfAEAIgFAZgFAKAFmZPG_ojo_thGwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMke-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_aBhYKEAAJPxUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH4PYF0gcNCREnASYM2gcGCAUJ8G7gBwDqBwIIAPAHoyCKCEcKQwAAAYv6M67INdUdIr6Bqp8P8fJzf4MA8nyuwlJD8NBNCMXHqRhZPgHIJNnBqrv23IRK_4y6X6niITa5JBocdBvIopMQAZUIAACAP5gIAcAI6hDSCAkI____PxAAGAA.&s=98d039f174de73165fd2944bb85abe2c0a51f73a
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
an-x-request-uuid
70e79e53-8351-4277-8711-aa97d3a5e5c7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:22:55 GMT
init
gw.geoedge.be/api/ Frame CF2F 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:55 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
u_tsMq_lTSuazQLcGJjvEGeGg83JEtx8Ust-enY1Ctw18rTEvlCCpQ==
x-cache
Miss from cloudfront
Pug
image2.pubmatic.com/AdServer/ Frame 5D0D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_dbm
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEG8VBioXQ4feh9r3SnQudXg&google_cver=1
0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEG8VBioXQ4feh9r3SnQudXg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNX0t_P925DjrQVSduGBR5nWH2R0nNrqac_ZUGf7VJAYDxuwfw7-DRCRl6LGLlAWuTAGyfV3Raf99d4oMqWni7LMpKMtmId0Aj6Si1fyqh9u7avLskAjsqpYv7-LSuYUEVnL02wncriuEhXwNOsMFWe-K7PiNVw4aKTnuaznDkh8XMwDG8U
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 03:22:55 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&piggybackCookie=CAESEG8VBioXQ4feh9r3SnQudXg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
350
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 5D0D 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&p=360&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpubmatic%26google_hm%3D%23%23B64_PM_UID%26gdpr%3DPM_GDPR%26gdpr_consent%3DPM_CONSENT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNX0t_P925DjrQVSduGBR5nWH2R0nNrqac_ZUGf7VJAYDxuwfw7-DRCRl6LGLlAWuTAGyfV3Raf99d4oMqWni7LMpKMtmId0Aj6Si1fyqh9u7avLskAjsqpYv7-LSuYUEVnL02wncriuEhXwNOsMFWe-K7PiNVw4aKTnuaznDkh8XMwDG8U
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 23 Nov 2023 03:22:55 GMT
content-length
0
content-type
text/html; charset=UTF-8
um
sync.teads.tv/ Frame 5D0D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEHqfw-MIJycIb31U4vNCMVM&google_cver=1
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEHqfw-MIJycIb31U4vNCMVM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNX0t_P925DjrQVSduGBR5nWH2R0nNrqac_ZUGf7VJAYDxuwfw7-DRCRl6LGLlAWuTAGyfV3Raf99d4oMqWni7LMpKMtmId0Aj6Si1fyqh9u7avLskAjsqpYv7-LSuYUEVnL02wncriuEhXwNOsMFWe-K7PiNVw4aKTnuaznDkh8XMwDG8U
Protocol
H2
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 03:22:55 GMT
pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEHqfw-MIJycIb31U4vNCMVM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 5D0D 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDo-4rWBRi2u8P-ATAB&v=APEucNX0t_P925DjrQVSduGBR5nWH2R0nNrqac_ZUGf7VJAYDxuwfw7-DRCRl6LGLlAWuTAGyfV3Raf99d4oMqWni7LMpKMtmId0Aj6Si1fyqh9u7avLskAjsqpYv7-LSuYUEVnL02wncriuEhXwNOsMFWe-K7PiNVw4aKTnuaznDkh8XMwDG8U
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-16-97-41.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Thu, 23 Nov 2023 03:22:55 GMT
pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
syncframe
gum.criteo.com/ Frame CC0B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=skypost.ulifestyle.com.hk
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi-ip.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 23 Nov 2023 03:22:54 GMT
server
Kestrel
server-processing-duration-in-ticks
1057521
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		94 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://skypost.ulifestyle.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 07 Nov 2023 09:08:30 GMT
server
nginx
etag
W/"6549fe8e-17704"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Nov 2023 03:22:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFE2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6670571327945&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFE2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6670571327945&version=m202309260101&ct=77&x=8&cor=14431015755630710000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CFE2 		23 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CNju5LIV6c2lNA5gQlXWgIzd8n-rvEpjrAGXwuDrj_SlY9ewjZhkfZaUckc_hN_fcfkJBvcNdZzFyIwgGOyW3-45Az8pyMJc8fJKOAleRA0dk0uhUa1Jx9vBjvhTOziLXK-_iy2HV6BnskW8z4F9T64dqez68gVco-7AEJVZJkJ0Ip4Fc&cry=1&dbm_d=AKAmf-D2kz4RZy0-mNXSjuxNlwvQd2ziC3Ni3rV2X2z_zAXQF2sivQb23fJRUhBiatYdJH3q9wguufLUnnRVELwDO1gVHW4kWskE2pyqgyoGWe7D2B7LVfFbqCN8fa6R3YoB-PrQCY3XPjHiaav_JmsYBllynBraLXNSSeVSzhIT7Z3j5QB2pViTc3Cnh9w0ltwxzKiYLz_uyrxLPEZ1YnOPy8_UvuYovO4xpbCpMxSEpY7FXH8Q0h6bymmE8Wvz-nrtRhc1v2pFctlwCmJmHOv7v3dIJZhlmiysk7val5UeiNqpG2SZ0N6DxT8vCtfTa8MYsMw2m0gHJZehMxhoXtOsl8wM3LaQgCS2sKkIvxjk59dEk18B7Lu6JGm7WY1wW5VniR1MtgsyTvn6g3lGzZR_MI7VVPq1M-H6HUfvZ9DVtRL4GE38_GzwGDFn7uz3cX6Zajhn-U4mDJtg5TQMgLbdHliZXwYadND63UMYeFrtKQuB1l2WdcT9JEAGR0U-h1cWVkDhx_UhFVdmXc_EK1qS5Fh4vOcGAJxCwJdz-4bohWyAAivtis2Qph15DTHmVtagCtOu5Wy1iS8yW8W5bLvbjQ0nBy0dfQouGhTNjerwwPEpvGXowAaWEvdjG6kTKLtHj27hhs-YB90bjk2zYo9XqaWb2zY4rGxajLI6oi4Qq0YMiwkXCiOal77Qm6CA31ezAVfqqix2_-i7CyktFD_j-i20q-Ogu0Sxombty3r-9eL8PIqXNB8E1NTkbGxTuleqAE11d3gaAwp4n4mThpw1L1pqHWG6e95qgXkgmLS5pPuqwWOGtlfRGqKWS96P9dnoISpDA58yEB3OwSEq-8pd9cab8EJixxJS9LaBPgs0W419qSWAwrP-EudSdk1wd4cM-MDcEbEVrqWT2GJiwWnxFe3Rb_hiHGRosOtpyUF7TRxmvFghkVDbQb5vOxPIQ9Z4D1RhAoOOc0oGxIcfcAM1U3tme7IlZ_3mXqisLi16hHs9qj8G2N-QAcHKOcnjFt_cThRnGPth5d8AFrbrFSIeGdSwGCzRODAOyeX4oYRhvCaQHcnnZUbXVzXzV6Vf70F0iTKcgkQyqfnCARTFr7qB5L-_v8naOv7hp5DoyH28l0R_8QqWG4Fn0_HYnlOSeHbdEV-u6Lf0xDd1z7cJL_aI1zjUa6AfNCKCczGemtUyDzoMkebijYY_ToKFwrQ75IwK4NvrArwZm5nyorCia8I-VgIYjutg6fFmR4T8SBhJJXc8xHR7c6Jb9t2FTHIzCn0yMoLf_MCqu3hJ5jYSZ1vz0umchsCiLSfSN98IhvbFuKtGDESF0bA1hopuw1Uy87J1BdgWAiNFj0RvepAqMT5jnQBNqGN7IptlcOdcOTzLR9hFqZScLHkOxxqyTvloX_kTYooY7SnbvWEPh-T-YnofPpG3_lNSC9vEoXlIdivjCthANP4LrkTkk-VWBcVh-t9e6JsMW6iYdCN854omcO_l7EGU_BWcPN7dD2TG1aK5Cv-MBXzGq1K_r7XHTF5E07J4Lnd62i489ReO2q5xlqHmN8q__jJyNBHPTJVIs65DLOgAd7BZeCj5-2bydOAY7CeQkyNTxZ0tE0mRi0qIpR46p36EDOEOPro-c_9xMZr1gUfvkk3g5SgbXQrIbqPlvdzghGsW7YmWhETeKqtcRWGhP8B8FZtmz0lz20IudtOGEfiqNbY3I7_UcZgbu0sPDIkD47XrfuHCqtRJeiZPwePiLxUcvLrDhDRH0ngUbwxvJ2Q5T5--u-Hp1Laggk6K8QzXyy7lzob5LknC-E6utn5zT8NHBZ50sCsyXABbBxXnJXACAOyTvaM2vUxefvNRh066_AbYaOcXTwNpmDe71mDTGqKSPae4G9mB2VWshVqfIU0HWTP7bTHIRajJYVRQ94Zj_x7wWJ-h4z8qtslqYTsKpzgDWC4TfbEq5rdnZz2lO6mZB8_F97EBeAx2TmfBNcz5ZiN1SjFi5j9ApG96hmbDQc8l-Ak01BVPubcw7es9v28vEubHXqjETLZKOqjbReWVMIMiwG7QVOJfhRak9rzAdTKc_vdCpO77tbkQjzmnG7uyrBzqoODuLdbuj0ugXYrqtWo-vpmXrZbyo8YC1pJtFrclu6hiDJ_tpeho4RNPEZqWQN0SDfhzHD12BQj693Yj8HVRG25Z7KhgA-_w40RH0r9puZ92Z2PEaGLmNfREfkhuWZT15hIzuG8n7nMJPWsf16r7JlT1aE7CdpULpe-EPcxCF-JU-WKKvK3yagJKvFYkTumUSRhXIeAr7JlzWilrba3Ndw2jq7Hk-SPqE-zUiRby-a4-ZBXTbuFvR-HoQyB5B_o81HehV-wdHz7z8lxhtbg77QoW-OzBpDlQ6W_FnJ48MV3-QydlolhdXqFY-O5OFYhSK-8j52bavtKP3xFIi0nJdxhgEknTsZ4kb4w33oC4vz7D9p9ukaRONGab9R02YFhNTBrVBNGmC-Bs5A0B3h-1c24qqVLf3exmNVy_DS3keG47ZF5SPy6VdBBBQq6-kzaYwXRLJ2v0O_um5FARM5_ivCUl8wKXrg0oKsWN3KYUxqNTsnw_ZytMVz4nztJThdA2yYRVTLBYAUOnxyq-8mNs8FzQapo0aKIIvll_Zn0mvXurwj_v728z_QdYl5B4qc98ZNXK2mSyys4pyM0KIvTPo6F-qmIv4VTvE6B81D1YuAY8PQqWnJNuiaN9VGs3S2jG4qz4s6MX_jIYxz4cgoM9Mw0XV9nlqqMu7YHSkleTb6Gr4MwR6FmdJJFZSK7o26Mlmbwsr4FXPxCcT5Hof_rTComjy9D_rsGtwMiqtZF4YJZYW3kn-L8WsyVEIz9539RnkZ0LW-XO27Fz8TR_3ayODnXqwoj5CgIgCOX5aA6mdqbOI7yzw-eP6hrNqU49wuKtNmdbnbrN6p4SmGpYvS9CEd2d6TpmwwHz6R3QIgFFqvp9yKs9tS_6fTplBkCj6Vhp3Vh2teLwy65E7PJ-Vmh1ggBvFj95ZDeTJAQDRCOSW-WlpmBCaaG_0B0DM7n1ovujQ9Yl_9FA5ovVbt_dtgFV7rKqmjbfMV69Epn5qq3RjJ-ziXrUg8jy3-vmWXgXE7J0uqRjP5h2mHPw1Ky4vnZMz-h0F4s56y1Ch_8CkDQvVDKWrLFoA5Y0OCekxri6AEayfKkve8yq10M_vdeQjgVjSexEb5WQj1CsOe8_uyCK75g9ps5GgbhQuGv_LeUL8lpUzaYzXJUf8FSi5seeDonb8rFoGsjVZGIxwNXT5h5oEDgGJL5G3YG_aoRs_RUa0IP5UtJXvFe6HtHokC0-UazihLFmTmwk8iLgiCQ-5YXOMVSeOWnOREsPcrSfkxQKAibQgT3o-2UGLaCc3ErDMfXVO0r9hJc2IFlEd4bjX_9R9SATsxhHA7bqfJ3fDeZ3FoOFR7rmg4sAdLvpd9yxIluRBCsO7Z7nQwBtjP6bpFpuqIi4c0lUR-lWaZetpL-LDJzQd8-sq-BGauW6Eio91QX1K48hZnYpxvf3EoRbDU8IA9IevXuTFfEJUiT3t1a7A2t-XFKackxZKr6XnBSBzuYE9SdzU1TuRbKQ8kKh6lez4XUhLvt-51QLFZP_O6F79bHcBSF_JGNVWpx1xRWMwXv0VGt6PWM7uCMmyWJDQzlnwulJZ4r3keKaFzHGR67wmJALbm6yq7lfJFiOJhmVd5sh8JzJil8gptUqm2DqdXPWBpg2o-5SVVtQuvXKqL0fpKLsCxX2GHwLE3InHCQaFI7R19bcNQkI2dSWeJu0js2AlxqMsaYYvycsv3HTnZA0s6LwZpa7pYevwHos7gNvMI7aroBUSp9fG3KsikRf6HtBkgKfq3T0ZtYvxZEV45gNdceVsn_wve1eu3mKHLCLIJ1_3oO-fBdc1kDpnTJGpmcN-02n2c8wF_Jly00r0_cV6N-C2us&pr=8%3A2F6BA1B52EC57F4B&cid=CAQSMgDICaaNoGdl09qvFRGYIpednt2ed4t9B95QT2AKZfBiQMCrbvpiUZYkTVyFbiLyL92CGAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&dv3_ver=m202309260101&rfl=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F&ds=l&xdt=1&iif=1&cor=14431015755630710000&adk=2644979602&idt=57&cac=0&dtd=15
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f33d44c838ce9fbc809a221232ab7242e84f6ada2de091476353608c5ddd78ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15153
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sid
mug.criteo.com/ Frame CC0B
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=ulifestyle.com.hk&sn=ChromeSyncframe&so=3&topUrl=skypost.ulifestyle.com.hk&bundle=bXmsI19WJTJGOEVKc1hQZVRxSHRYNEFDWUJQS2hsa1owQmc4ViUyQlla...
  • https://mug.criteo.com/sid?cpp=6RE-Pnx2OEpmLzBKWm14Q3Bkam5jMlVoS1ppY1d2SGE3ZmdCNm1Eb0hPZ1NubVROVEUrUWJtZGVTWUNuUzB3cVJWekw3WStuOVNZcHp1Y2lxV3Yxb2s0ZE53NEhqY1dDcE5UMStzL0xVUnVsczJ6NjR2SFZlY294V1N3Ry...
463 B
675 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=6RE-Pnx2OEpmLzBKWm14Q3Bkam5jMlVoS1ppY1d2SGE3ZmdCNm1Eb0hPZ1NubVROVEUrUWJtZGVTWUNuUzB3cVJWekw3WStuOVNZcHp1Y2lxV3Yxb2s0ZE53NEhqY1dDcE5UMStzL0xVUnVsczJ6NjR2SFZlY294V1N3RytkM0VPRTB6OVZqbjN6WXdNUkxXU0lnNkJhOFF5aFNGQXRjNFpENlhnUTlpMkJ1UnhqUDg5UlZpaGcrZmhVVE1qeWN3eUhydTA1SE1ucEE3cllOL0pHM3lvTEtsYy91TGhVWjhYZlNWeHVjSzNDZWFvd0I2bjZvWWVXQVQySEtJVUIwWEJqTVRqQU9mdnNHY0ZkY2VTOEE5ZmNBTTRZUm1qNGhEU1Z6c09hUy9pWFBFNnBldz18&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
b26e332ef609c32b216d7f4382cefece45ce43738278d72a9ab033a7c4394a11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:54 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
675891
expires
0

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=6RE-Pnx2OEpmLzBKWm14Q3Bkam5jMlVoS1ppY1d2SGE3ZmdCNm1Eb0hPZ1NubVROVEUrUWJtZGVTWUNuUzB3cVJWekw3WStuOVNZcHp1Y2lxV3Yxb2s0ZE53NEhqY1dDcE5UMStzL0xVUnVsczJ6NjR2SFZlY294V1N3RytkM0VPRTB6OVZqbjN6WXdNUkxXU0lnNkJhOFF5aFNGQXRjNFpENlhnUTlpMkJ1UnhqUDg5UlZpaGcrZmhVVE1qeWN3eUhydTA1SE1ucEE3cllOL0pHM3lvTEtsYy91TGhVWjhYZlNWeHVjSzNDZWFvd0I2bjZvWWVXQVQySEtJVUIwWEJqTVRqQU9mdnNHY0ZkY2VTOEE5ZmNBTTRZUm1qNGhEU1Z6c09hUy9pWFBFNnBldz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
296847
content-length
0
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame CF2F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc_HL9H6nL-VjNcAPq42XVG864RJPUp71hbveR6IbWnxGGe6O-Bh1hr0M3wq5hRJQ7CkAQOUUGxYwDa7XBMkh2B0Yri2fUuoLj4-uyd-s1IPjS3OyfNnTff9jwpaWLyd2h_sWhyLKL8UMbg9UJ31PZ0lymlXr6PQgFOmkh_4EY-QeeUl7l_M7w8qM1LwLAhp7dCGp2yJs-P3kZ3yYfomexiUPWKvNM_TBMmXh79usoXf4Ka2tJ76-c7qC9eOZMK37Xmh8UKEtmPMH3H5SYxcdI3Wrozw_T4UmdioeUDgxax4i80ccpgNTs47ahaN850wXxX6CyneW4FYJEKPZCuCHtx0ZTJssJJ0D9098lPHXtyIcEe5dWyRY4NwR5tUZUrxg&sai=AMfl-YTH_7SLIb6avuRvxNIdMoSnWXEYYeOMkerdu9ult1CjWZR9APfsrT8KjXRWixElzqH6_LfRArrQPEV6WxHarwJBas4Xg8DA24vDSODpDTnG_ktRbAZtEpGnlTfyRcw&sig=Cg0ArKJSzP9ESs4H75i1EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Thu, 23 Nov 2023 03:22:55 GMT
async_usersync
ib.adnxs.com/ Frame BB50 		0
599 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=2725&pub_id=2192392&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
an-x-request-uuid
453d958f-f747-433b-ae81-8f6bb7d335fb
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CFE2 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 23 Nov 2023 03:22:55 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame CFE2 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 18:05:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
465467
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Nov 2024 18:05:08 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDcwOTc3NTA4NTkyNAogIHNlcnZlcl9pcDogMTM0MDU1MDc2CiAgcHJvY2Vzc19pZDogMzIzODkwNTA5NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1MzMx...
ad.doubleclick.net/ddm/activity/ Frame CFE2 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMDcwOTc3NTA4NTkyNAogIHNlcnZlcl9pcDogMTM0MDU1MDc2CiAgcHJvY2Vzc19pZDogMzIzODkwNTA5NAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMzk1MzMxNgphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vam9obnJlZWQuZml0bmVzcyIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAzNjAwNzYyNzE5MzI0MjQwODIxCmRlYnVnX2tleTogMTcyNzgzNjkxOTUwMjU4MzI2NjEKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDIzLTExLTIzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTM5NTMzMTYKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzODE0Mzc5NjUKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE1MjI3MTIwNDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMjA3ODExNTIzNTQKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA1MzM3ODE5NDIKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vam9obnJlZWQuZml0bmVzcyIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0xc644402e31637aff0000000000000000","13":"0xe261829ac40c56bf0000000000000000","14":"0xf579b5c7686e58f70000000000000000","15":"0xfa5f950e6a9e39700000000000000000"},"debug_key":"17278369195025832661","debug_reporting":true,"destination":"https://johnreed.fitness","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["13953316"]},"priority":"0","source_event_id":"3600762719324240821"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6xonarohpn0t
hal9000.redintelligence.net/zone/ Frame CFE2 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/6xonarohpn0t?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7-lgjcVeZYe4G5Dz1gb-moGAB-Tgy6907aH-iPkR9i4QASC6vvAWYJWSqoKwB8gBCakClL6JFRFEsj6oAwHIA5sEqgSxAk_QbeZYwSMkdx36Sv-HGfysETWds0K4RIqVU7uw2-gA03z5MIOj4CQHBiZ7WgKcVEbILZmAaSH7jHOh0204ti9L95Y1scwJrgHrAlrOqq1uEVeUnw1OyRg9gPIAv3lp587ifrWPECf00rYRIUnHh9JxxgCGnacDGeofqbzChp7q53jvNavFGg9i2to9MAAtKaF5gu0CzBbg92DuZw8jzHqIDQpuBw2SiTgIC5bJUjQe_o0IJI5j-fNSiqswn7iy2kI1kLXsHaPfGuKqckMN4rVfqO2PpkR8lSbtYAzuoB_8CvouBAw5UeEpLciv2J8DCwyVRmWm8Xok62AJYMXdZRzdkPp5pEDOk_AKnQXKBsC-FMph44CrgzBaA4yyqKAy-osBFA4oWz-WiSwUUkAiM5NTwASJ0ZeIvATgBAOIBeLwnLVNkAYBoAZNgAff2oaiBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggfYmlkZGVyLXhhcGk6MzAyNTY0OjNDZGh1a3k0ZnlLa4AKBJgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATlcvJFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNoGdl09qvFRGYIpednt2ed4t9B95QT2AKZfBiQMCrbvpiUZYkTVyFbiLyL92CGAE%26sig%3DAOD64_3s8hSaLX0dPjWXa_PoSypBR5PjZA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-Bxf8h_c9X51NWI7TWhlPGYCz6M8SfsKHfYvvLbKurAnOY2UOR04YPX3_u0dc9zkhqOqyIKAk6eauA9fzHjJGLJCz2OF3KUvKJT7-MfUB9rSiiAz9srJxRUizsS9b35c17c68nVY9Srk0T8FrBk1yeYv9j9RMFRG6JBVLvlgeVvOMPdHkg%26cry%3D1%26dbm_d%3DAKAmf-CRo7ZE4C-qIfQAxGFK-bYj3TGF4_6mKTmOu55nGXZSbfE6tBijF_s6_rq9i3ByLfr_cBrcbV2uAUE_opVv8wIUQgO_dyww7pMFRpZbSv8HON536B0hc-9X_uplHD2zjWmouVcC1tQgj2YdX-Fb1CWqoju9hoS2FaJSAt4BuJgiXexy1IDkMSD9kXJ___WVFnTKB3qmGy8LkxWcRK1rcuQJusvJDeQw6EqlM_JBBT6XQr2kqOsdJkpSFF3zhpWktyxt682722rgmCkHdCXkODxyEBke6YzCLh7D64Tpq4ZHitI3eWzgO0stMDcFRWm24Sng7G5GcVz7rzJfKF5gw72OOWwAnvuS_yAtrm0peyzKvrQA0wI8fyWWdvP35Co1Y0UL3AKbSN7yweJ9DinlktssZzyanCyOov0DyUMXtthdWpx5gwkMz85KZ_nyxcHJX5A4gjeQ-Js3sOXmgq7zhv7_3xh2UbH_ZJ0WtuYlTUYxIbeXGLL8QodXOgma1bldT_xpP4afg3hEWLA9RTcbSVrYV2gajv3kT79utQPsuOUj71VwFnaxPXH715CkmWNoXNpKcPOVThjRyWIAlZiIWKjp9eqjZg%26adurl%3D
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
96847f55cc527fe6d00a127ff2ac2b9b7012fd07cf034bed1e214956560d4c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:55 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4254
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 7DFE 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
368590
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:59:45 GMT
expires
Sun, 17 Nov 2024 20:59:45 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal900017.redintelligence.net/ Frame CFE2 		611 B
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900017.redintelligence.net/request.php?zone=6xonarohpn0t&nw=20&renderingType=javascript&namespace=558c947bb9&subid=&uid=2b9ead0e7e790899&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=0x0&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC7-lgjcVeZYe4G5Dz1gb-moGAB-Tgy6907aH-iPkR9i4QASC6vvAWYJWSqoKwB8gBCakClL6JFRFEsj6oAwHIA5sEqgSxAk_QbeZYwSMkdx36Sv-HGfysETWds0K4RIqVU7uw2-gA03z5MIOj4CQHBiZ7WgKcVEbILZmAaSH7jHOh0204ti9L95Y1scwJrgHrAlrOqq1uEVeUnw1OyRg9gPIAv3lp587ifrWPECf00rYRIUnHh9JxxgCGnacDGeofqbzChp7q53jvNavFGg9i2to9MAAtKaF5gu0CzBbg92DuZw8jzHqIDQpuBw2SiTgIC5bJUjQe_o0IJI5j-fNSiqswn7iy2kI1kLXsHaPfGuKqckMN4rVfqO2PpkR8lSbtYAzuoB_8CvouBAw5UeEpLciv2J8DCwyVRmWm8Xok62AJYMXdZRzdkPp5pEDOk_AKnQXKBsC-FMph44CrgzBaA4yyqKAy-osBFA4oWz-WiSwUUkAiM5NTwASJ0ZeIvATgBAOIBeLwnLVNkAYBoAZNgAff2oaiBagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF8yAqoCOgKAQEi9_cE68ggfYmlkZGVyLXhhcGk6MzAyNTY0OjNDZGh1a3k0ZnlLa4AKBJgLAcgLAYAMAaIMECoOCgzktLEC7rWxArW4sQKqDQJERbATlcvJFdATANgTA9gUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSMgDICaaNoGdl09qvFRGYIpednt2ed4t9B95QT2AKZfBiQMCrbvpiUZYkTVyFbiLyL92CGAE%26sig%3DAOD64_3s8hSaLX0dPjWXa_PoSypBR5PjZA%26client%3Dca-pub-6579838053286784%26dbm_c%3DAKAmf-Bxf8h_c9X51NWI7TWhlPGYCz6M8SfsKHfYvvLbKurAnOY2UOR04YPX3_u0dc9zkhqOqyIKAk6eauA9fzHjJGLJCz2OF3KUvKJT7-MfUB9rSiiAz9srJxRUizsS9b35c17c68nVY9Srk0T8FrBk1yeYv9j9RMFRG6JBVLvlgeVvOMPdHkg%26cry%3D1%26dbm_d%3DAKAmf-CRo7ZE4C-qIfQAxGFK-bYj3TGF4_6mKTmOu55nGXZSbfE6tBijF_s6_rq9i3ByLfr_cBrcbV2uAUE_opVv8wIUQgO_dyww7pMFRpZbSv8HON536B0hc-9X_uplHD2zjWmouVcC1tQgj2YdX-Fb1CWqoju9hoS2FaJSAt4BuJgiXexy1IDkMSD9kXJ___WVFnTKB3qmGy8LkxWcRK1rcuQJusvJDeQw6EqlM_JBBT6XQr2kqOsdJkpSFF3zhpWktyxt682722rgmCkHdCXkODxyEBke6YzCLh7D64Tpq4ZHitI3eWzgO0stMDcFRWm24Sng7G5GcVz7rzJfKF5gw72OOWwAnvuS_yAtrm0peyzKvrQA0wI8fyWWdvP35Co1Y0UL3AKbSN7yweJ9DinlktssZzyanCyOov0DyUMXtthdWpx5gwkMz85KZ_nyxcHJX5A4gjeQ-Js3sOXmgq7zhv7_3xh2UbH_ZJ0WtuYlTUYxIbeXGLL8QodXOgma1bldT_xpP4afg3hEWLA9RTcbSVrYV2gajv3kT79utQPsuOUj71VwFnaxPXH715CkmWNoXNpKcPOVThjRyWIAlZiIWKjp9eqjZg%26adurl%3D&documentReferer=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Chttps%3A%2F%2Fskypost.ulifestyle.com.hk&random=1924475678272&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
e6e6033ad63c37062d521d6b4579b08a5261f44ccbae8f662b362e9d32e1d9b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:55 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
40274000008132010115215012517017
Connection
close
Content-Length
329
Expires
Thu, 23 Nov 2023 03:22:55 +0100
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 7DFE 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 23:21:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
100887
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Nov 2024 23:21:28 GMT
request_content.php
hal900017.redintelligence.net/ Frame 42B8 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900017.redintelligence.net/request_content.php?s=40274000008132010115215012517017&a=c7ed6972
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
f19d6e2a9a17bde8ae849c50bcbb6002579413a95b9a811f0e70e2da13c52454

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
1504
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 03:22:55 GMT
Expires
Thu, 23 Nov 2023 03:22:55 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5AD4 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 03:22:55 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 1D5B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
67510
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 23 Nov 2023 03:22:55 GMT
ETag
W/"623de86a-cf34"
Expires
Thu, 16 Nov 2023 08:37:34 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
453, 390425
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230112-FRA
X-Timer
S1700709775.308074,VS0,VE0
rd_log
ams3-ib.adnxs.com/ Frame CFE2 		0
649 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&e=wqT_3QL0BPBDdAIAAAMA1gAFAQiNi_uqBhCf1Yb0q6TH6jUYkt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt44PYFgAEBigEDVVNEkgUG9D4BmAHYBaABWqgBAbABALgBAMABBcgBAtABANgBAOABAPABANgC6hDgAr6DXuoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDjZFV4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDzE3OC4xNjIuMjA5LjEzM6gEALIEDwgAEAEY2AUgWigAMAA4ArgEAMAE8vS5IsgEANoEAggB4AQA8AQAiAUBmAUAoAWZk8b-iOj-2EbABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWkyR76BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9oGFgoQAAAAAAVBDQF0EAAYAOAGAfIGAggAgAcBiAcAoAcByAfg9gXSBw0JDSUFJgzaBwYIBQnwa-AHAOoHAggA8AejIIoIRwpDAAABi_ozrsg11R0ivoGqnw_x8nN_gwDyfK7CUkPw0E0IxcepGFk-Acgk2cGqu_bchEr_jLpfqeIhNrkkGhx0G8iikxABlQgAAIA_mAgBwAjqENIIBggAEAAYAA..&s=7c43a16e3f7b7bc472c4399ffb1fc0b1cabfeb5a&bdref=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F&bdtop=true&bdifs=2&bstk=https%3A%2F%2Fskypost.ulifestyle.com.hk%2F,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html,https%3A%2F%2F2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
an-x-request-uuid
95f30849-8082-4e63-a7e3-86148060fd87
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F0CA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrMSpP9KQdWibPl4rR4t1x-tNRp7IWKaMsP2Y8-1mYakgYDeRT6zHQ_P6rf4_ynMD6AcVU0Qlifq5h8-rMpO7IMC1uxVHnjGFLS8VDvBVzkxCirk_IWHTKGDC2vwPXszC4tNqhcbZgDw&sig=Cg0ArKJSzOQvICGqSQ0AEAE&id=lidar2&mcvt=1011&p=10,436,100,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1182580958&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700709774029&rpt=260&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 5AD4 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64185
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:40 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 04ED 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1950625118873&version=m202309260101&ct=77&x=8&cor=12122597242241847000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 1D5B 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=2725&pub_id=2192392&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
an-x-request-uuid
46cbead2-e76c-4d6a-be06-bae166323f27
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
track.adform.net/adfscript/ Frame 42B8 		727 B
963 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=69427185;click=https://hal900017.redintelligence.net/c/pzmvtsrrijn2efq?tprd=
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=40274000008132010115215012517017&a=c7ed6972
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
eb3e12c73e4969480d831a6485ecba955dd90f44708f117e1cdc8decdca49610
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
526
expires
-1
init
gw.geoedge.be/api/ Frame CFE2 		0
216 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/init
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:55 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
EvVCEhQcm69_Az_g9Rem5nUy-wU13owgHkvZj_YkCIIpayEhvIizvA==
x-cache
Miss from cloudfront
khaos.json
token.rubiconproject.com/ Frame 5AD4 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
viewability
hal900017.redintelligence.net/ Frame 42B8 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900017.redintelligence.net/viewability?s=40274000008132010115215012517017&a=bf89332b&vb=m
Requested by
Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=40274000008132010115215012517017&a=c7ed6972
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.70.69.159.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/request_content.php?s=40274000008132010115215012517017&a=c7ed6972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:55 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
vevent
ams3-ib.adnxs.com/ Frame CFE2 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&e=wqT_3QKlBfBDpQIAAAMA1gAFAQiNi_uqBhCf1Yb0q6TH6jUYkt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt44PYFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAr6DXuoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMuGhMzODc5MDM4Njg5MTExODEyNzY3KgdydWJpY29uOg4yMjQ5OjUzMzc4MTk0MsAD2ATIAwDYA42RVeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBA8IABABGNgFIFooADAAOAK4BADABPL0uSLIBADaBAIIAeAEAfAEAIgFAZgFAKAFmZPG_ojo_thGwAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMke-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_aBhYKEAAJPxUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgH4PYF0gcNCREnASYM2gcGCAUJ8G7gBwDqBwIIAPAHoyCKCEcKQwAAAYv6M67INdUdIr6Bqp8P8fJzf4MA8nyuwlJD8NBNCMXHqRhZPgHIJNnBqrv23IRK_4y6X6niITa5JBocdBvIopMQAZUIAACAP5gIAcAI6hDSCAkI____PxAAGAA.&s=98d039f174de73165fd2944bb85abe2c0a51f73a&type=nv&nvt=5&jm=1003&sid=5073649821559241344&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27175875&sw=1600&sh=1200&pw=0&ph=0&ww=0&wh=0&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
an-x-request-uuid
18647f5e-3817-4064-901e-18fa8d54ef09
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 42B8 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=69427185;click=https://hal900017.redintelligence.net/c/pzmvtsrrijn2efq?tprd=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7DFE 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BSF9gj8VeZaSfBaSJ9u8Phoq3iAwAAAAAOAHgBAI&bg=!ZmWlZSrNAAZxrfrxUa07ADQBe5WfON1SAonKw6E3Y1ihijFtXv1jJFnZOJSLBYGXk5dhwzvA6GZ6FX7BsgKlb4KoHNwbAgAAALNSAAAAA2gBB5kDZsqKZKW7yM3MRn1hcZbTPmmr_3BUs7NEWfuCp4IOSjBTVj3KvAh4VEwGIuzc-sYgP1GLZkv_Ll5usg_c1Yrti8oevH0zPTJQOZiAg3t6e7-dqDCw6-Nokij4V_iYJyRkrEmklWH8UXC-y_YZAz4kn_KFI-ByeU-CGidcUuPUcQuOGXIdiT1z5hkF8Nx42w_H90tTJFUXwqpFtT5AeAVsczc8S5iSj7RH1g7KNogBcFgMCecOAN0Q_q-DtXb4CHx1peJ8vHTu0OqBC6nraPtLZAvukxnj0WuRNoLgxnTVFbvswWqra1QmThBl3TV7nNOGzCJLrq0Xk3Th7EycNJh8yJltMq4tx8l0rQLrGYAkK15fObPXmi_4nisYrOQJu_lHLO9lbf2TLrNJdsH5DwOzmXIvKvkT8KUfv9Ls6RChtPiF_qj6ATK02qtoUDwo3ulaYCNSLCRXLBSGeh-eie8Fq93Is4tUKFl79zhzh8rxbPLsW0y0215JOx6b-5e50A3e36LQs4yHUC5-MkzIRQZIRNBqFtfD4JAiBaq7QSDAPgn0fHQ99HBrHyJvN_9ZCXohIjRZdMzuGVabdddtzALfdfo5HgucvpwVnDhycVx8AbZdNZlyjDiwqi2OE_tBePHnNSP7BtfkGHPr4exvhb4gAUBi6miaMv81_bpj8QVNkpUWbXEjAzq-gfU3J6fbfdF67F3ngblrOGCaK8xERx8aH7lkfMAIPaQXXOnAb66-IUS-eVAV96yar66_9hWMwtotjX0D5Mhvg1MmYQ-0UkbBdUBi-lf3pjsPkWYvyu1Sy_yULJgKEe7yUVwkewAuCwTkYq1hUVPSNBGlq3xs2alN1k6byFN4blvF927m9bB5FTd0fiVGBES5pfNRCeLlIvS1Gr7EA9pFKDJ3ijH2oi2iOOUgJR6GVq4zWPjbOXcFe60tL2dJ2kW5qhl9Zsak8vId-AbaIwjU-P1IfPC22NXKcEbU3E03ruRDxJrVasGbneM_cbOsX4Uh6uF9B6hkTTjlGWLWDkM9CoUiAqtZqhzNcbUn7U17pSCSuwskN-jnDY19pcFvhgLOY1H7Jn6aLaeCiESFTPREucO60Xu7pWYA29e4P7toYKck7FptNgK0EwDT_01JssFGUvbfkirLY9Ul8GSc6xrC6w
Requested by
Host: 2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfserve/ Frame 42B8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=69427185;click=https://hal900017.redintelligence.net/c/pzmvtsrrijn2efq?tprd=;js=1;adfxid=1x;5122;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;cmpgpp=;cmpgpp_sid=;fd=0|0&CREFURL=https%3A%2F%2Fskypost.ulifestyle.com.hk
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
342d4b1d3850e680bd6148ad9c140c4fdb1a3260f8beef144ec6e751dbd99e83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1932
expires
-1
truncated
/ Frame 42B8 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
stats
gw.geoedge.be/api/ Frame CFE2 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gw.geoedge.be/api/stats
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/e6a81302-2eca-46b7-8e3a-9fc5c5bcd84c/grumi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223d:2a00:10:43f:4352:ad61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:55 GMT
via
1.1 68eb499493257a6d0620a0f6abdc78ca.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
content-length
0
x-amz-cf-id
eiXHMu3j4xSxzLZw19kAhSDWLwGcRrqTID5faiPleNmk58xxEKCkQw==
x-cache
Miss from cloudfront
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 42B8 		91 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
last-modified
Fri, 17 Nov 2023 10:42:02 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Sat, 18 Nov 2023 15:27:20 GMT
/
track.adform.net/csimpr/ Frame 42B8 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=69427185&csi=Y1u0LXwCxRLqbub21NNt1CcXSQoPV9RW6qz3ddpFjcgJDwKV3Zer3GSlJSGhwD2_xjOn1vuE_RY2eppt4vRdcd6vWmW1dlSa0
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900017.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900017.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
13883523.js
s1.adform.net/Banners/Elements/Files/169192/13883523/ Frame E954 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/13883523.js?ADFassetID=13883523&bv=258
Requested by
Host: skypost.ulifestyle.com.hk
URL: https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
d325bb803508ac6f1621fb0c146c3335fc21955f1cec21dd275d09082a31c40b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000001d6087b563597abf-00655712ff-3295cc06-default
etag
W/"6b2947fca138ab4e7b05caaf3f7f9f74"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
async_usersync
ib.adnxs.com/ Frame A45A 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=2725&pub_id=2192392&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
an-x-request-uuid
1e0645d8-ded3-4853-9ead-60b9249ae41f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
screen.css
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		1 KB
960 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/screen.css
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
13320bdfeae996f2492e02fb11715081b75a38637294875407b3e761a763ddb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx000000decbe7e2be9da5a-00655712ff-3295cc06-default
etag
W/"2adec2f1a53f84af8e31966b37a7996e"
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame E954 		30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js?bv=630
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
last-modified
Tue, 21 Nov 2023 08:14:37 GMT
server
nginx
x-amz-request-id
tx000003200605ea56ced66-00655c671a-32959ea8-default
etag
W/"d66b8df08256b7e89279e9f83d1d7c5e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800
introfill.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		183 B
512 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/introfill.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
1ea1bea920eff31ce7a0b188ed36f593ac1a6c4204b715cf3f788da4837ee8ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000436ada0eaa79bf70-00655712ff-329552a5-default
etag
"c926f04900f0228cb7483b30965c72b5"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
183
disclaimer.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/disclaimer.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b3221920f17047d3fc1c2035662aafe25cf33cf7a53539b662e1600e26389b29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx00000485e97a5d2f2d72a-00655712ff-329552a5-default
etag
"c876008ac86080df79e242e143b5c254"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1827
text1.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/text1.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
79e51a1ddd6f26c846b07d8656529a95763214ff2c146a64c28ff06f37d8f9e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000ed2cfaae934b875b-00655712ff-329558a4-default
etag
"0cc17964bfe7c7c7e796b31129d21450"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
6339
text2.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/text2.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b845429178a6769ad9ee3d87c76e68c56751c5abbb6f9ddea34233f15ec8e2d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx000001a8e9280222e7789-00655712ff-329552a5-default
etag
"3021cc843ecb1304d47efe39c9085e3e"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
3383
text3.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/text3.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
446a667f4198c81a4cef67504a1681bb0e0bba3548b009cbe2a905486f9da736

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx0000041fe46be31b4f735-00655712ff-329558a4-default
etag
"fdd1b8e51836e94b14344af5bd2ff94d"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1259
logo.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/logo.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f2d3b6a2a3445d6a847875ff4602632662c1f1bd34701c0a01af69df665caca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000e311f1ba51e5c8d0-00655712ff-329558a4-default
etag
"d439d597d40b2ef2b5d132d67d0665f7"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2109
logoend.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/logoend.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bb8c30d641cd7cbab0e6c70438976aec979c05d438ecbd82586b06b2c9479fd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx000008184e404711a458c-00655712ff-32959e94-default
etag
"1b6c18a42dec179f75b9726f0b62db0f"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
1685
date.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/date.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
add3859e90da4199720a3123a57042750d07f825d0330887a8b85fb262a12089

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx00000d678dcb357e312de-00655712ff-3295cc06-default
etag
"ac9b9bdf2710d16033ba2e2a17a5d19b"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
2177
model.jpg
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/model.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
62ba91bcbf4403efc35deb4443450ce793518486661f628c3260bb29d5d3444b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000bfc05c52dcdbfade-00655712ff-329558a4-default
etag
"d6e8bddea96a16549637601330e45dd7"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
49483
studio.jpg
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/studio.jpg
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
f1afce9ae55246b7dfcea249c2aa3316672ed4d50fddd1a7b651e561c80565ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx00000fb3954017492e0c2-00655712ff-3295cc06-default
etag
"7e9afdb35635aa4357e5a279852778f4"
x-cache-status
STALE
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
48666
background.png
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		148 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/background.png
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a8be383cbb1a472f684d4f64314933807dc81f7263aac886ae651b67fbff109d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
last-modified
Tue, 07 Nov 2023 10:00:31 GMT
server
nginx
x-amz-request-id
tx000005fa984e166013667-00655712ff-329558a4-default
etag
"b2920d38504bc83680613909b4a7e380"
x-cache-status
STALE
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
accept-ranges
bytes
content-length
148
CSSPlugin.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/ Frame E954 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/plugins/CSSPlugin.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1036212
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
13669
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-9833"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7SKQ5CCBDZOMKIE%2FWqVz0cU9AyUUBJrzAimoiQK9S8uwVzJYQB8e0PZU%2BjJNZeVTDbNac72VCWO44%2Fkud83gDw43GgFATh0pfSLSyENRf%2BR3Clr7zMUnewh2xcxby70iguqVkgUzyC0UUzi19o6Absa6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a61ca203667-FRA
expires
Tue, 12 Nov 2024 03:22:55 GMT
EasePack.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/ Frame E954 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/easing/EasePack.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
867890
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1730
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-146f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wgjh5Kj1mtpqEOqS96X7MQdZ4f6WSHG%2F7WchdeMBXSK1I8%2Fvk7gSfGr4bECHYFc9RdBiIT9BmHl5SraB7NT4UX1U5AbfmL6KFZ5pIlYBxNAxljtRxl7cMCSSHuyTeJgSlexEPgYrRSoGH6HtBX3eay%2BC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a61ca213667-FRA
expires
Tue, 12 Nov 2024 03:22:55 GMT
TweenLite.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/ Frame E954 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.0/TweenLite.min.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
859900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8578
last-modified
Mon, 04 May 2020 16:10:25 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e71-697f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZCcyJcb75DW%2FtLmlryBkBPgA9eIdUEehJ7qv5%2FHKx98CbFe0gkQPNieSwR9LQEB2rEMsVB%2FMQbd6i42NM0BcszIpLWz8ye6jD0LzVgsnTy2FNynAw1o6%2FOUxLyc4pi4Ii451FDBr32VUhn1CEe9yNB6L"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82a64a61ca243667-FRA
expires
Tue, 12 Nov 2024 03:22:55 GMT
script.js
s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/ Frame E954 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/169192/13883523/bvpath_258/script.js
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.236/e/igSBggDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2967727053e62e755b40702f3825e45e7856ac6438e088ef984344e22044936b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900017.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-encoding
gzip
last-modified
Tue, 07 Nov 2023 10:00:32 GMT
server
nginx
x-amz-request-id
tx000008a8451f3403162dd-00655712ff-3295f919-default
etag
W/"91331674dfe1ca19501ea729f5fcea60"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
vevent
ams3-ib.adnxs.com/ Frame F66C 		0
699 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fskypost.ulifestyle.com.hk%2Farticle%2F3384147%2F%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&e=wqT_3QKlBfBDpQIAAAMA1gAFAQiNi_uqBhDAlYOl-5mTyj8Ykt_U6bCHw_NuKjYJuB6F61G4zj8RuB6F61G4zj8ZAAAAgOtR8D8huB4JGwApESQQMQAAAOABLaAww9f6DDilFUCuS0i7A1AAWK7QoQFgAGiztyt4vfQFgAEBigEDVVNEkgUG9GkBmAHYBaABWqgBAbABALgBAcABBcgBAtABANgBAOABAPABANgC6hDgAp25XeoCPmh0dHBzOi8vc2t5cG9zdC51bGlmZXN0eWxlLmNvbS5oay9hcnRpY2xlLzMzODQxNDcv6aaZ5riv54-K55GagAMAiAMBkAMAmAMXoAMBqgMuGhM0NTgxMzcxMTc1OTE1MDE0ODQ4KgdydWJpY29uOg4yMjQ5OjUzMzc4MTk0MsAD2ATIAwDYA42RVeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBA8xNzguMTYyLjIwOS4xMzOoBACyBA8IABABGMoHIFooADAAOAK4BADABPL0uSLIBADaBAIIAeAEAfAEAIgFAZgFAKAF0LfC8Pq0wex6wAUAyQUAAAAAAADwP9IFCQkAAAAAAAAAANgFAeAFAfAFpMke-gUECAAQAJAGAJgGALgGAMEGAAAAAAAA8D_aBhYKEAAJPxUBdBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHvfQF0gcNCREnASYM2gcGCAUJ8G7gBwDqBwIIAPAHoyCKCEcKQwAAAYv6M67IP5RMz7SgysClh2n4W1ilVJl3NmueZIeplIRtPzhrz3OqPMz_8huUgSQB5Nub2sXqNE5WfN23yefMJC8QAZUIAACAP5gIAcAI6hDSCAkI____PxAAGAA.&s=898acc7011febcbc072f59a60b2a227300866e5a&type=pv&jm=1003|1030&px=0&py=0&bw=728&bh=90&sf=1&sid=5073649821559241344&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=27175875&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
an-x-request-uuid
9df559cd-dff0-4c53-820f-6ca912bc1430
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
178.162.209.133; 178.162.209.133; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
viewability
hal900021.redintelligence.net/ Frame 9C71 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900021.redintelligence.net/viewability?s=28959000007914310115215012517021&a=ba3891e9&vb=v
Requested by
Host: hal900021.redintelligence.net
URL: https://hal900021.redintelligence.net/request_content.php?s=28959000007914310115215012517021&a=75cc0569
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.238.55 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.55.238.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900021.redintelligence.net/request_content.php?s=28959000007914310115215012517021&a=75cc0569
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:55 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame F66C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1274657219501&version=m202309260101&ct=77&x=8&cor=6977125126271680000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F66C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst5jM-gAS216xnlA4V25a1UMDZIX_kJEQ0T6Sd7Wx9SxIbeJMCmRs-pdp4hRsL8PHYPPGXpfgBKSpTcN_16OtoX8iYckgyg6mnURSHXKe7H31gFI3rDxeUjl4cb&sig=Cg0ArKJSzPzjc8rAty7EEAE&id=lidar2&mcvt=1030&p=0,0,90,728&mtos=1030,1030,1030,1030,1030&tos=1030,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=3820307439&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700709774203&rpt=519&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: rumcdn.geoedge.be
URL: https://rumcdn.geoedge.be/33aa8a5b-8617-4942-aea1-0d5dd12cde22/grumi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:55 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/serving/unload/ Frame 9C71 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1733395365844718848@@69427189,5464464653523870783,100|1006|0|0|0|0|0|0|0||34|1|||||1|0|0|6n8-gE0P6wDxBx_RTJEBJzJpUhfsqnchfUZmq-A4hEVxxwcb_dZ1K_L_QlhaeLlf0|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900021.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900021.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.226.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-226-65.us-west-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-api-key
Access-Control-Request-Method
POST
Origin
https://skypost.ulifestyle.com.hk
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:56 GMT
x-amz-apigw-id
O1POpEJevHcEcYg=
x-amzn-requestid
6104fd88-fdaf-45e2-95be-2d83e7f4a05c
putRecords
prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/ 		146 B
373 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod.tahoe-analytics.publishers.advertising.a2z.com/logevent/putRecords?encoded=true
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.231.226.65 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-231-226-65.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
468b07e0336f2f65ba1d302adf3c64cfc9ad5d821908d339946291eb2c76c054

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
x-api-key
79db72eb0b5c7255afa54a253df24fb4a5ac916bf40b51c730df8850aa5665ca
Content-Type
application/json

Response headers

date
Thu, 23 Nov 2023 03:22:56 GMT
x-amzn-trace-id
Root=1-655ec590-394778ca08fcdc5b1e2e4dd1
x-amzn-requestid
b4c0d5d9-9e5f-40d0-8569-6023dd1f320d
access-control-allow-methods
*
content-type
application/json
access-control-allow-origin
*
x-amz-apigw-id
O1POrFQevHcEh6Q=
content-length
146
async_usersync
ib.adnxs.com/ Frame 1D5B 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=2725&pub_id=2192392&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=2725&pub_id=2192392
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:56 GMT
an-x-request-uuid
ade555ec-6152-43fe-8930-b24cf5f37c7e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CFE2 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6670571327945&version=m202309260101&ct=77&x=8&cor=14431015755630710000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:56 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
envelope
lexicon.33across.com/v1/ 		49 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lexicon.33across.com/v1/envelope?pid=0013300001cG13gAAC&gdpr=0&src=rtbpbjs&ver=7.54.5
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.193.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.193.244.35.bc.googleusercontent.com
Software
/
Resource Hash
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:56 GMT
via
1.1 google
vary
origin
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
private, must-revalidate, max-age=28800
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49
/
id.a-mx.com/sync/ 		66 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.a-mx.com/sync/?tagId=&ref=null&u=https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&tl=https://skypost.ulifestyle.com.hk/article/3384147/%E9%A6%99%E6%B8%AF%E7%8F%8A%E7%91%9A&nf=0&rt=true&v=7.54.5&av=2.0&vg=rtbpbjs&us_privacy=null&am=null&gdpr=0&gdpr_consent=
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
131.153.158.209 Amsterdam, Netherlands, ASN60558 (SECUREDSERVERS-EU, US),
Reverse DNS
Software
/
Resource Hash
7d4df7bf752ab59afd201711d458c31acd5651054bf5d5e76d19580594fbb346

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:56 GMT
access-control-allow-credentials
true
content-length
66
content-type
application/json
prebid
id5-sync.com/api/config/ 		135 B
426 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
e622bc16087ef71252f92e4c6fe27345f73ffdb6324e5f1283ec3b2e48fa8e45

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 23 Nov 2023 03:22:57 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://skypost.ulifestyle.com.hk
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sat, 23 Dec 2023 03:22:57 GMT
usync.html
eus.rubiconproject.com/ Frame 3C95 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 03:22:56 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame D541 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO7Q43N&prvid=77&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3f444974beda618ad11ab53facf70433e3cc234e8b7c6b6c01e60a6971a98f18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8052
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 03:22:57 GMT
expires
Sat, 25 Nov 2023 03:22:57 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D03A 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55972
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 03:22:56 GMT
expires
Thu, 23 Nov 2023 18:55:48 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 018D 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55972
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 03:22:56 GMT
expires
Thu, 23 Nov 2023 18:55:48 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-all.html
adxbid.info/ Frame D73B 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:8513 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82a64a6a5e8f3a3e-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 03:22:57 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z201FszGgjoOH3zrDy1UC8b%2FRHecn5jn1RrYN501f1a6CBTdDMJ6f5rR4w8MXJIplVdwAow3KlHId5u8eZyHxCmScQEKWmOGUXoIHsiTGl6h%2FLuuM3XPNbC%2FB%2FaOb6i%2BrL8H%2FA4RSwCp6w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 1B44 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
915
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
82a64a6a5dc830c3-FRA
content-encoding
br
content-type
text/html
date
Thu, 23 Nov 2023 03:22:57 GMT
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIUB1LQcm8Tjk82awAFdW9B1a2vgmSKrRczlkZsKM%2F3fC2gQBZ7gOPeBLwC5MwfHkCeKV2hR%2F7fgqxoS0gmKKxK6t6kGIQxHOcQS4LmUIwQW0H5KTuJ3q5yLzuUasPzYvtAf97olSNif1WxqyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sspmatch-iframe
ads.betweendigital.com/ Frame 12C9 		846 B
1016 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/sspmatch-iframe
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
44d38c8e43376bc7968ca9431c1ead70eb9addb2822b9932251e552b8fab6122

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
846
content-type
text/html
/
onetag-sys.com/usync/ Frame 9BAD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 9C5F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0010b00002T3JniAAF&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.22 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip22.67-202-105.static.steadfastdns.net
Software
33XP005 /
Resource Hash

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Thu, 23 Nov 2023 03:22:56 GMT
server
33XP005
x-33x-status
2000208
/
onetag-sys.com/usync/ Frame 6502 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700709771558
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
/
csync.smilewanted.com/ Frame 60B7 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer
https://skypost.ulifestyle.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82a64a6a389465b0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 03:22:57 GMT
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 3C95 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:56 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64184
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:40 GMT
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
284 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
82479b21329ff01c7a23c63063cbe4bd005beeb5669c3fb2afa0da8b82101398
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame D03A 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=43640237&p=156181&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:55 GMT
content-length
0
984.json
id5-sync.com/g/v2/ 		251 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: rtbpass.andbeyond.media
URL: https://rtbpass.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
fd7ff74970247f3058badaed32d03b62b1d8ed8fd5bca2848cc8d55f00bfc641
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://skypost.ulifestyle.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://skypost.ulifestyle.com.hk
date
Thu, 23 Nov 2023 03:22:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
khaos.json
token.rubiconproject.com/ Frame 3C95 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
idsync
sync.aralego.com/ Frame 1B44 		35 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:57 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
getuid
eb2.3lift.com/ Frame D73B 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
x.bidswitch.net/ Frame 12C9 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=between
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-95-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
match
ads.betweendigital.com/ Frame 12C9
Redirect Chain
  • https://ads.adlook.me/csync?pid=btw&uid=bdd746a0-3761-5347-bd5f-654dd801a0c6&url=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D128%26external_user_id%3D%7BuserId%7D
  • https://ads.betweendigital.com/match?bidder_id=128&external_user_id=c35ec95f65804c109a2a3f1f973fb0fb
68 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=c35ec95f65804c109a2a3f1f973fb0fb
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png

Redirect headers

location
https://ads.betweendigital.com/match?bidder_id=128&external_user_id=c35ec95f65804c109a2a3f1f973fb0fb
date
Thu, 23 Nov 2023 03:22:56 GMT
server
Microsoft-IIS/10.0
btw
sync.dmp.otm-r.com/match/ Frame 12C9 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/btw?id=bdd746a0-3761-5347-bd5f-654dd801a0c6
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
194.55.244.181 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 23 Nov 2023 03:22:57 GMT
server
nginx/1.23.2
sync
vid.vidoomy.com/ Frame 2959 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 03:22:57 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
328427
x-77-cache
HIT
x-77-nzt
EQwBnJIhiAH36wIFAA
x-77-nzt-ray
f6587a1db81e227691c55e654fe46705
x-77-pop
frankfurtDE
x-accel-date
1700381350
x-accel-expires
@1701418150
x-age-lb
328427
x-cache-lb
HIT
bidder_18.html
cache.betweendigital.com/code/ Frame 4ACA 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cache.betweendigital.com/code/bidder_18.html?USER_ID=bdd746a0-3761-5347-bd5f-654dd801a0c6&CACHEBUSTER=528852
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.236.118.210 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software
nginx /
Resource Hash
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878

Request headers

Referer
https://ads.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 03:22:57 GMT
etag
W/"638623e5-e7e"
last-modified
Tue, 29 Nov 2022 15:23:17 GMT
server
nginx
x-cdn-edge-cache
HIT
x-cdn-edge-id
311
x-cdn-request-id
5793fcf5a9c7a315ee11c4b38c819427
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame 60B7 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1990297
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
82a64a6ae8e565b0-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
setuid
user-sync.adxpremium.services/ Frame D73B
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=ef5c97d7a18e92db0aeb60901392f0ca092c2cab518510a5a60df3835cbf0ade
86 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=ef5c97d7a18e92db0aeb60901392f0ca092c2cab518510a5a60df3835cbf0ade
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:58 GMT
content-length
86
content-type
image/png

Redirect headers

Location
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=ef5c97d7a18e92db0aeb60901392f0ca092c2cab518510a5a60df3835cbf0ade
Pragma
no-cache
Date
Thu, 23 Nov 2023 03:22:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Transfer-Encoding
chunked
Expires
0
drop_cookie_sw.php
csync.smilewanted.com/ Frame 4A8B 		0
319 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82a64a6b893f65b0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 03:22:57 GMT
server
cloudflare
vary
Accept-Encoding
getuid
sync.smartadserver.com/ Frame D282
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 23 Nov 2023 03:22:56 GMT

Redirect headers

cache-control
no-cache,no-store
content-length
0
date
Thu, 23 Nov 2023 03:22:56 GMT
location
https://sync.smartadserver.com:443/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
pragma
no-cache
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 2959 		1 KB
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 23 Nov 2023 03:22:57 GMT
content-encoding
gzip
x-age-lb
328666
x-77-cache
HIT
x-accel-date
1700381111
x-77-nzt
EQwBnJIhiAH32gMFAA
x-accel-expires
@1701417911
x-77-age
328666
x-cache-lb
HIT
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
f6587a1de013d2ab91c55e65fc41b212
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
7991369511556427666
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 5909
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/7991369511556427666
0
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7991369511556427666
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82a64a6bf97365b0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 03:22:57 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
ff76eb6d-ab03-4efd-b966-ca4249203d9d
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Thu, 23 Nov 2023 03:22:57 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/7991369511556427666
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
178.162.209.133; 178.162.209.133; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 97FF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
Expires
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
4b510f0cc5fcbc9800016ef543086418
cm-notify
creativecdn.com/ Frame 8B22
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=vidoomy
  • https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
42 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
42
content-type
image/gif
date
Thu, 23 Nov 2023 03:22:57 GMT Thu, 23 Nov 2023 03:22:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache

Redirect headers

content-length
0
date
Thu, 23 Nov 2023 03:22:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://creativecdn.com/cm-notify?pi=vidoomy&tc=1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 5199 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dpubmatic
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55971
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 03:22:57 GMT
expires
Thu, 23 Nov 2023 18:55:48 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pbscookie
a.vidoomy.com/api/rtbserver/ Frame 2959
Redirect Chain
  • https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D$%7BUID%7D%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dopenx
  • https://a.vidoomy.com/api/rtbserver/pbscookie?uid=fdfb4bb9-ae6d-4488-97d3-926bc2c600a5&vid=3ced02bbfa54884d803382ed9c503c87&dspid=openx
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=fdfb4bb9-ae6d-4488-97d3-926bc2c600a5&vid=3ced02bbfa54884d803382ed9c503c87&dspid=openx
Requested by
Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-iframe
Protocol
HTTP/1.1
Server
212.36.83.246 Sant Vicenç dels Horts, Spain, ASN15699 (AS_ADAM Adam Datacenter, ES),
Reverse DNS
lb2.vdmy.dtic.es
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:57 GMT
Server
nginx
Access-Control-Allow-Methods
HEAD,GET,POST,PUT,DELETE,PATCH,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-VD-C
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:57 GMT
via
1.1 google
content-type
text/html; charset=utf-8
location
https://a.vidoomy.com/api/rtbserver/pbscookie?uid=fdfb4bb9-ae6d-4488-97d3-926bc2c600a5&vid=3ced02bbfa54884d803382ed9c503c87&dspid=openx
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
166
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 4633 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55971
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 03:22:57 GMT
expires
Thu, 23 Nov 2023 18:55:48 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
server_match
ice.360yield.com/ Frame 4076 		43 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.19.208.136 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-208-136.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-length
43
content-type
image/gif
date
Thu, 23 Nov 2023 03:22:57 GMT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
616f06e0-2797-49ff-ba2a-95923d216a5a
csync.smilewanted.com/set_partner_userid_get/openx/ Frame 6BFC
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/616f06e0-2797-49ff-ba2a-95923d216a5a
0
402 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/616f06e0-2797-49ff-ba2a-95923d216a5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82a64a6d5a3965b0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 03:22:57 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Thu, 23 Nov 2023 03:22:57 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/616f06e0-2797-49ff-ba2a-95923d216a5a
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
x.bidswitch.net/ Frame 4ACA 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=between
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=bdd746a0-3761-5347-bd5f-654dd801a0c6&CACHEBUSTER=528852
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-95-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:57 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pixel
ap.lijit.com/ Frame EB66 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 03:22:57 GMT
X-Sovrn-Pod
ad_ap5ams1
991508d4-89af-11ee-bbb1-002590c82437
an.yandex.ru/mapuid/adsniperis/ Frame 4ACA
Redirect Chain
  • https://sync.bumlam.com/?src=aid0
  • https://sync.bumlam.com/?src=aid0&s_data=CAIQARiRi_uqBqIBEJkVCNSJrxHuu7EAJZDIJDc*
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=991508d4-89af-11ee-bbb1-002590c82437
  • https://x01.aidata.io/0.gif?pid=ADSNIPER&id=991508d4-89af-11ee-bbb1-002590c82437&bounce=1
  • https://sync.bumlam.com/?src=aid1&uid=Xn3G7KlJ3ZG9S%2FKtwA%2B3iA&
  • https://an.yandex.ru/mapuid/adsniperis/991508d4-89af-11ee-bbb1-002590c82437
  • https://an.yandex.ru/mapuid/adsniperis/991508d4-89af-11ee-bbb1-002590c82437?redir-setuniq=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/mapuid/adsniperis/991508d4-89af-11ee-bbb1-002590c82437?redir-setuniq=1
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:58 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 23 Nov 2023 03:22:58 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
content-type
image/gif; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 03:22:58 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:57 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Thu, 23 Nov 2023 03:22:57 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
location
https://an.yandex.ru/mapuid/adsniperis/991508d4-89af-11ee-bbb1-002590c82437?redir-setuniq=1
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Thu, 23 Nov 2023 03:22:57 GMT
1733395365844718848
csync.smilewanted.com/set_partner_userid_get/adform/ Frame 3536
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/1733395365844718848
0
440 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/1733395365844718848
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82a64a6dea9165b0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 03:22:57 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Thu, 23 Nov 2023 03:22:57 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/1733395365844718848
server
nginx
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame 1933
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
138 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82a64a707beb65b0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 03:22:58 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Thu, 23 Nov 2023 03:22:57 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
O9PgoLLdutX1EnVaEu_zbQIZvLhh2P0J6W8kHUk7-m8
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame 6494
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O9PgoLLdutX1EnVaEu_zbQIZvLhh2P0J6W8kHUk7-m8?pi=smilewanted
0
728 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O9PgoLLdutX1EnVaEu_zbQIZvLhh2P0J6W8kHUk7-m8?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.69.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82a64a6e7ad065b0-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 23 Nov 2023 03:22:57 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 23 Nov 2023 03:22:57 GMT Thu, 23 Nov 2023 03:22:57 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/O9PgoLLdutX1EnVaEu_zbQIZvLhh2P0J6W8kHUk7-m8?pi=smilewanted
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame FBBB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=bdd746a0-3761-5347-bd5f-654dd801a0c6&CACHEBUSTER=528852
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 23 Nov 2023 03:22:58 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 23 Nov 2023 03:22:58 GMT
location
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
server
AkamaiGHost
sync
vid.vidoomy.com/ Frame 349F 		49 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
date
Thu, 23 Nov 2023 03:22:58 GMT
etag
W/"64abbb76-c2af"
last-modified
Mon, 10 Jul 2023 08:04:06 GMT
server
CDN77-Turbo
vary
Accept-Encoding
x-77-age
328436
x-77-cache
HIT
x-77-nzt
EQwBnJIhiAH39AIFAA
x-77-nzt-ray
f6587a1db81e227692c55e65dd941003
x-77-pop
frankfurtDE
x-accel-date
1700381342
x-accel-expires
@1701418142
x-age-lb
328436
x-cache-lb
HIT
usync.js
eus.rubiconproject.com/ Frame FBBB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Thu, 23 Nov 2023 03:22:58 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2023 21:12:51 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=64182
Connection
keep-alive
Content-Length
13229
Expires
Thu, 23 Nov 2023 21:12:40 GMT
setuid
user-sync.adxpremium.services/ Frame D73B
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=194962&limit=50&cb=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dix%26uid%3D
  • https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV7FjXUo5XrhCi9yEsUUZwAA%265125
86 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV7FjXUo5XrhCi9yEsUUZwAA%265125
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:58 GMT
content-length
86
content-type
image/png

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:58 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkqcuzcsQYL10a88ZI03PpqJ7%2Fc2%2FdKOM1MBwIOonCMizwRsl4RnyH0CEyfX1dak3yZ1W3St4PHlYyGaQsHrqs1qKkgBr6U149kM11F%2FGO9mWPoj7iiqFDJ86032kWkuAk30jiSo"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://user-sync.adxpremium.services/setuid?bidder=ix&uid=ZV7FjXUo5XrhCi9yEsUUZwAA%265125
cache-control
no-cache
cf-ray
82a64a713b9b6927-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
khaos.json
token.rubiconproject.com/ Frame FBBB 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
528852
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame 4ACA
Redirect Chain
  • https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/528852
  • https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/528852
43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/528852
Protocol
H2
Server
2001:6d0:4001::226 , Russian Federation, ASN52016 (ADFACT, RU),
Reverse DNS
Software
ms-counter-4.0.4/1.22.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:58 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
43
expires
Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:58 GMT
strict-transport-security
max-age=2678400
server
ms-counter-4.0.4/1.22.1
content-type
image/gif
location
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/528852
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin
*
content-length
0
expires
Thu, 01 Jan 1970 00:00:01 GMT
urlsvid.json
vpaid.vidoomy.com/sync/ Frame 349F 		1 KB
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vpaid.vidoomy.com/sync/urlsvid.json
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Thu, 23 Nov 2023 03:22:58 GMT
content-encoding
gzip
x-age-lb
328667
x-77-cache
HIT
x-accel-date
1700381111
x-77-nzt
EQwBnJIhiAH32wMFAA
x-accel-expires
@1701417911
x-77-age
328667
x-cache-lb
HIT
last-modified
Mon, 10 Jul 2023 08:02:46 GMT
server
CDN77-Turbo
etag
W/"64abbb26-479"
x-77-nzt-ray
f6587a1de013d2ab92c55e6546aaa00a
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://vid.vidoomy.com
access-control-allow-credentials
true
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A84B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?limit=50&predirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dpubmatic%26uid%3D
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://adxbid.info/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55970
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 03:22:58 GMT
expires
Thu, 23 Nov 2023 18:55:48 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixel
ap.lijit.com/ Frame D73B 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsovrn%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 23 Nov 2023 03:22:58 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
x.bidswitch.net/ Frame 4ACA 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=429&user_id=bdd746a0-3761-5347-bd5f-654dd801a0c6&expires=60
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.95.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-95-101.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cache.betweendigital.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:58 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
/
onetag-sys.com/usync/ Frame 3275 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5d1628750185ace
Requested by
Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=bdd746a0-3761-5347-bd5f-654dd801a0c6&CACHEBUSTER=528852
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://cache.betweendigital.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-store
strict-transport-security
max-age=15552000
sync.php
pixel.rubiconproject.com/exchange/ Frame D73B 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-lupon&limit=50
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
user-sync.adxpremium.services/ Frame D73B
Redirect Chain
  • https://cm.adform.net/cookie?limit=50&redirect_url=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dadform%26uid%3D%24UID
  • https://user-sync.adxpremium.services/setuid?bidder=adform&uid=1733395365844718848
86 B
808 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=1733395365844718848
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
209.192.201.180 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:58 GMT
content-length
86
content-type
image/png

Redirect headers

location
https://user-sync.adxpremium.services/setuid?bidder=adform&uid=1733395365844718848
date
Thu, 23 Nov 2023 03:22:58 GMT
server
nginx
content-length
0
content-type
text/plain
/
track.adform.net/serving/unload/ Frame 0294 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1733395365844718848@@69427185,1883876773100042321,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|62GmLHc6bEpcPlakbYq96TJpUhfsqnchtrra7ftlRmPo2m-nk46PRvL_QlhaeLlf0|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900021.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900021.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 4B8B 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1733395365844718848@@69427184,5920228560131508713,0|0|0|0|0|0|0|0|0||0|1|||||1|0|0|GIILogWyeHrxBx_RTJEBJzJpUhfsqnchfUZmq-A4hEW53mFK-WowvfL_QlhaeLlf0|||11||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900029.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900029.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
match
ads.betweendigital.com/ Frame 2959 		68 B
598 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/match?bidder_id=261&external_user_id=3ced02bbfa54884d803382ed9c503c87
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D261%26external_user_id%3D{{VID}}
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
68
content-type
image/png
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A5A6 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dpubmatic
Requested by
Host: vid.vidoomy.com
URL: https://vid.vidoomy.com/sync?limit=50&redirect=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dvidoomy%26uid%3D%7B%7BVID%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://vid.vidoomy.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=55969
content-encoding
gzip
content-length
5622
content-type
text/html
date
Thu, 23 Nov 2023 03:22:59 GMT
expires
Thu, 23 Nov 2023 18:55:48 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 349F 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?gdpr=0&gdpr_consent=&nid=120&redir=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%7BuserId%7D%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3DCEN
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 -, , ASN (),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Thu, 23 Nov 2023 03:22:59 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 349F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-vidoomy&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://vid.vidoomy.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
PugMaster
image6.pubmatic.com/AdServer/ Frame A5A6 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=59085113&p=156498&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156498&gdpr=0&gdpr_consent=&userIdMacro=(PM_UID)&predirect=https%3A%2F%2Fa.vidoomy.com%2Fapi%2Frtbserver%2Fpbscookie%3Fuid%3D%28PM_UID%29%26vid%3D3ced02bbfa54884d803382ed9c503c87%26dspid%3Dpubmatic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:22:58 GMT
content-length
0
/
track.adform.net/serving/unload/ Frame 9C71 		35 B
601 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=1733395365844718848@@69427189,5464464653523870783,100|4700|0|0|0|0|0|0|0||160|1|||||1|0|0|6n8-gE0P6wDxBx_RTJEBJzJpUhfsqnchfUZmq-A4hEVxxwcb_dZ1K_L_QlhaeLlf0|||01||0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.28 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hal900021.redintelligence.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 23 Nov 2023 03:22:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://hal900021.redintelligence.net
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1

Verdicts & Comments Add Verdict or Comment

931 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| documentPictureInPicture function| $ function| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| TapListener function| imagesLoaded function| getAuthor function| getGaTags function| getSectionName function| getPubDate function| getSubSectionId function| getPageUrl function| getClickUrl function| getHeadline function| getAdhocTagStr function| getCategory function| getPageViewGa4Model function| getScreen function| videoTracking function| relatedArticleGa4 function| socialShareGa4 function| infiniteScrollGa4 function| imageGalleryGa4 function| searchGa4 function| openInAppGa4 function| initMenuBarGa4Tracker function| initSectionBarGa4Tracker function| initHomeSliderTracker function| themeTapGa4 function| sendGa4Event function| sendGa4EventForMeasurementId function| myFunction object| dataLayer object| _comscore function| fbq function| _fbq function| Cookies string| contextPath string| websitePath undefined| ULVID undefined| GVID undefined| SGVID string| contentImport string| contentType object| formalTagGA string| formalTagGAStr object| formalTagDFP string| gaTags object| gaTagsArr object| keywords string| sectionName string| subSectionId string| pubDate string| articleTitle string| channelCode string| matomoDimension2 object| matomoDimension3 string| currentPage function| mainSendGa4 function| getCookie object| html5 object| Modernizr function| yepnope string| articleId string| dfpSectionId object| SectionNameCode string| environment string| metaTitle string| metaDescription string| metaKeyword string| ogTitle string| ogDescription string| ogUrl string| ogImageUrl string| prefix string| subSectionName string| previousURL object| moreNews number| moreNewsShownCount object| moreNewsArticleId object| moreNewsLinkList object| moreNewsArticleHeadlineList number| nextPageNum string| articleIsPaid string| facebook_share_link string| existTitle string| dataOrding string| title object| articleMap object| OGMap string| prevUrl number| scroll_position undefined| scroll_direction string| matomositeurl string| matomoSiteId string| previewCode object| googletag string| currentURL string| type object| gptAdSlots string| audience number| startBrowserWidth function| adsRefresh function| adsResize function| loadTopBanner function| setTopBanner function| loadRefreshAd object| COMSCORE object| ns_p object| FB object| ggeac object| google_tag_data object| google_js_reporting_queue function| postscribe object| google_tag_manager_external object| google_tag_manager object| GooglebQhCsO function| moveUpCookiesBarIfNeed function| agreeCookies object| bootstrap function| autoComplete function| Popper object| jQuery11130173823210140998 function| Waypoint string| GoogleAnalyticsObject function| ga object| App string| waypointContextKey object| __buffer object| lazySizesConfig object| lazySizes object| gaGlobal object| gaplugins object| gaData undefined| google_measure_js_timing number| google_unique_id object| pbjs function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_oa object| sync16589_xa object| sync16589_ya function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_J function| sync16589_K function| sync16589_L function| sync16589_la function| sync16589_ma function| sync16589_na function| sync16589_M function| sync16589_N function| sync16589_pa function| sync16589_O function| sync16589_qa function| sync16589_ra function| sync16589_sa function| sync16589_P function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_wa function| sync16589_Q function| sync16589_R function| sync16589_za function| sync16589_S function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_Aa function| sync16589_W function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Ea function| sync16589_Ba function| sync16589_1 function| sync16589_Da function| sync16589_Ca function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Ga function| sync16589_Ha function| sync16589_Ja function| sync16589_Fa function| sync16589_7 function| sync16589_Ia function| sync16589_La function| sync16589_Ka function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_Pa function| sync16589_$ function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa function| sync16589_Ta object| lotame_sync_16589 object| regeneratorRuntime object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_144 object| Criteo object| Criteo_identitytag_144 object| __uid2SecureSignalProvider object| __uid2 object| ox_esp object| _paq object| toastr function| initialize function| searchPress function| searchAPI function| initDocumnet function| cancelUnread function| copyUrl function| showPhotoSwipe function| loadImage function| loadAd function| loadTopBannerDFP function| loadFullScreenDFP function| PhotoSwipe function| PhotoSwipeUI_Default function| UpdateTableHeaders number| lastScrollTop function| FontFaceObserver function| InfiniteScroll object| vttjs function| WebVTT function| videojs object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog function| videojsContribAds object| videojsIma object| customPlayers object| CustomVideoPlayers boolean| customPlayersScanned boolean| processingMA boolean| needToProcessMAAgain number| MAProcessCount function| piwikMediaAnalyticsAsyncInit function| matomoMediaAnalyticsAsyncInit function| scanForCustomPlayers function| initAll function| setCookie boolean| first number| count boolean| changeActive function| checkScrollPosition function| isScrolledIntoView boolean| scrollToNext boolean| scrollingNow function| toNextArticle function| checkVideoPlayerScroll number| lastKnownScrollPosition function| autoPlayVideoHandler function| socialShare function| shareOverrideOGMeta number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| hijackabm number| unfilledabm object| andbeyondnewarray number| residual number| residual2 number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new string| sitemainurlandbyeond undefined| andbeyondhttp function| getQueryString_val object| andbeyondoverlay object| myElementrtbtracker string| urlpub object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb string| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| newunitcallback string| timezonename object| block_url number| width number| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size30011status number| size30012status number| size30013status number| size30014status number| size30015status number| size6001status number| size6002status number| size6003status number| size6004status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size9701status number| size9702status number| size9703status number| size9704status number| size9705status number| size9702501status number| size9702502status number| size9702503status number| size9702504status number| size9702505status number| size1601status number| size1602status number| size1201status number| size1202status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| a9slots object| and_geo_block number| localandbeyond string| url1 string| country function| adloox_pubint_timeout object| debug undefined| adunitmock undefined| adUnitsfirst undefined| adUnitsvideo number| globalinterval3 number| windowwidth number| global_refresh number| newid number| flag2 number| refresh_time1 number| refresh_time number| refresh_time2 number| hijackinterval3 object| andbeyondpv number| windowwidth1 string| urlmob22 string| urlmob1 number| randomvaldatatest number| globalcount number| globalinterval function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| refreshbidpageview function| andbeyonddisps function| addListenerMulti function| blackbox function| refreshBid1rtb function| refreshBid2 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| apstag number| current_time object| adloox_pubint object| ignore number| refreshval number| number5 function| createCookie function| pad function| getDateString function| getAISID function| setAISID function| getAudience function| setAudience object| grumi object| _aps boolean| apstagLOADED object| apscustom object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid object| lotame_sync_16576 function| ha function| sync16576_aa function| sync16576_c undefined| sync16576_d undefined| sync16576_ba undefined| sync16576_e function| sync16576_f object| sync16576_h function| sync16576_ca function| sync16576_j function| sync16576_da object| sync16576_ object| sync16576_ga object| sync16576_v object| sync16576_oa object| sync16576_xa object| sync16576_ya function| sync16576_a function| sync16576_b function| sync16576_g function| sync16576_i function| sync16576_k function| sync16576_l function| sync16576_m function| sync16576_n function| sync16576_o function| sync16576_p function| sync16576_q function| sync16576_r function| sync16576_fa function| sync16576_ea function| sync16576_s function| sync16576_t function| sync16576_u function| sync16576_w function| sync16576_ha function| sync16576_ia function| sync16576_y function| sync16576_ja function| sync16576_z function| sync16576_A function| sync16576_x function| sync16576_B function| sync16576_ka function| sync16576_C function| sync16576_D function| sync16576_E function| sync16576_F function| sync16576_G function| sync16576_H function| sync16576_I function| sync16576_J function| sync16576_K function| sync16576_L function| sync16576_la function| sync16576_ma function| sync16576_na function| sync16576_M function| sync16576_N function| sync16576_pa function| sync16576_O function| sync16576_qa function| sync16576_ra function| sync16576_sa function| sync16576_P function| sync16576_ta function| sync16576_ua function| sync16576_va function| sync16576_wa function| sync16576_Q function| sync16576_R function| sync16576_za function| sync16576_S function| sync16576_T function| sync16576_U function| sync16576_V function| sync16576_Aa function| sync16576_W function| sync16576_X function| sync16576_Y function| sync16576_Z function| sync16576__ function| sync16576_0 function| sync16576_Ea function| sync16576_Ba function| sync16576_1 function| sync16576_Da function| sync16576_Ca function| sync16576_2 function| sync16576_3 function| sync16576_4 function| sync16576_5 function| sync16576_Ga function| sync16576_Ha function| sync16576_Ja function| sync16576_Fa function| sync16576_7 function| sync16576_Ia function| sync16576_La function| sync16576_Ka function| sync16576_8 function| sync16576_6 function| sync16576_9 function| sync16576_Ma function| sync16576_Na function| sync16576_Oa function| sync16576_Pa function| sync16576_$ function| sync16576_Qa function| sync16576_Ra function| sync16576_Sa function| sync16576_Ta object| ID5 object| __id5_instances object| hadron boolean| __halo_loaded__ undefined| title6 object| PublisherCommonId number| iframe1 string| iframeid string| size number| flag string| temp number| size300 number| size250 number| size600 number| size728 number| size160 number| size120 number| size970 number| size90 number| size320 number| size50 number| size336 number| size280 number| size100 number| sizehp11 number| sizehp12 number| sizehp13 number| sizehp18 number| sizehp14 number| sizehp15 number| sizehp16 number| sizehp17 number| sizehp19 number| sizehp22 number| sizehp21 number| sizehp1200 number| sizehp20 number| sizehp7 number| hijack string| h2 object| json object| test string| d1 string| a1 string| c1 string| v1 string| s1 string| h1 string| si1 number| d string| timezone number| current_hour2 number| nextactive string| adunit3 string| adunit2 number| countdivgptad152090982909831 number| tempval number| strategy2 number| success number| flag4 number| status970new number| statusdivgptad152090982909831new number| stat string| id2 string| andbeyonddivdivgptad152090982909831 number| andbeyondwidthdivgptad152090982909831 number| andbeyondheightdivgptad152090982909831 number| countandbeyond9701 number| activeandbeyond9701 number| passiveandbeyond9701 number| time_refreshunitandbeyond9701 number| nextnumberandbeyond9701 number| counterefreshandbeyond9701 object| startdate number| mseconds number| crontime object| timerefreshand number| status_bad object| id1 number| aff number| len string| pos1 string| text number| width1 number| height1 number| width2 object| andbeyond9701 number| strategy2andbeyond9701 number| strategy2widthandbeyond9701 number| strategy2heightandbeyond9701 number| strategy2typeandbeyond9701 number| strategy2counterandbeyond9701 string| adunit2andbeyond9701 string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar undefined| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp number| m string| temp_val number| tempnetwork object| temp_net number| videoa9flag number| widthidandbeyond9701 number| heightidandbeyond9701 string| temp_caps number| flagvideo number| VIDEOFLAGandbeyond9701 undefined| title9 undefined| title7 undefined| title8 undefined| title10 object| sas object| apntag object| _ADAGIO string| mediaType object| au string| slotElement number| countdivgptad152090982909821 number| status300new number| statusdivgptad152090982909821new string| andbeyonddivdivgptad152090982909821 number| andbeyondwidthdivgptad152090982909821 number| andbeyondheightdivgptad152090982909821 number| countandbeyond3001 number| activeandbeyond3001 number| passiveandbeyond3001 number| time_refreshunitandbeyond3001 number| nextnumberandbeyond3001 number| counterefreshandbeyond3001 object| endate object| andbeyond3001 number| strategy2andbeyond3001 number| strategy2widthandbeyond3001 number| strategy2heightandbeyond3001 number| strategy2typeandbeyond3001 number| strategy2counterandbeyond3001 string| adunit2andbeyond3001 number| widthidandbeyond3001 number| heightidandbeyond3001 number| VIDEOFLAGandbeyond3001 object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log number| videoflag string| idnew12 string| context object| videocode number| videounit string| contextvideounit number| timeflag string| idnew2 number| knew number| j number| newidflag string| vs3 number| nextpassive number| time_refreshunit number| nextnumber number| pos number| passivedivgptad152090982909811 number| activedivgptad152090982909811 number| time_refreshunitdivgptad152090982909811 number| nextnumberdivgptad152090982909811 number| newflag number| diff number| flagnewone number| passivedivgptad15209098290984 number| activedivgptad15209098290984 number| time_refreshunitdivgptad15209098290984 number| nextnumberdivgptad15209098290984 number| passivedivgptad152090982909812 number| activedivgptad152090982909812 number| time_refreshunitdivgptad152090982909812 number| nextnumberdivgptad152090982909812 number| passivedivgptad152090982909821 number| activedivgptad152090982909821 number| time_refreshunitdivgptad152090982909821 number| nextnumberdivgptad152090982909821 number| passivedivgptad152090982909831 number| activedivgptad152090982909831 number| time_refreshunitdivgptad152090982909831 number| nextnumberdivgptad152090982909831 number| passivedivgptad152090982909822 number| activedivgptad152090982909822 number| time_refreshunitdivgptad152090982909822 number| nextnumberdivgptad152090982909822 number| passivedivgptad152090982909832 number| activedivgptad152090982909832 number| time_refreshunitdivgptad152090982909832 number| nextnumberdivgptad152090982909832 number| passivelightboxdfp number| activelightboxdfp number| time_refreshunitlightboxdfp number| nextnumberlightboxdfp object| andbeyond30015 number| flag_active number| visible object| ONFOCUS object| GoogleGcLKhOms number| passiveandbeyond30015 number| activeandbeyond30015 number| time_refreshunitandbeyond30015 number| nextnumberandbeyond30015 number| countdivgptad152090982909811 number| statusdivgptad152090982909811new string| andbeyonddivdivgptad152090982909811 number| andbeyondwidthdivgptad152090982909811 number| andbeyondheightdivgptad152090982909811 number| countandbeyond9702 number| activeandbeyond9702 number| passiveandbeyond9702 number| time_refreshunitandbeyond9702 number| nextnumberandbeyond9702 number| counterefreshandbeyond9702 object| andbeyond9702 number| strategy2andbeyond9702 number| strategy2widthandbeyond9702 number| strategy2heightandbeyond9702 number| strategy2typeandbeyond9702 number| strategy2counterandbeyond9702 string| adunit2andbeyond9702 number| widthidandbeyond9702 number| heightidandbeyond9702 number| VIDEOFLAGandbeyond9702 number| countlightboxdfp number| status728new number| statuslightboxdfpnew string| andbeyonddivlightboxdfp number| andbeyondwidthlightboxdfp number| andbeyondheightlightboxdfp number| countandbeyond7281 number| activeandbeyond7281 number| passiveandbeyond7281 number| time_refreshunitandbeyond7281 number| nextnumberandbeyond7281 number| counterefreshandbeyond7281 object| andbeyond7281 number| strategy2andbeyond7281 number| strategy2widthandbeyond7281 number| strategy2heightandbeyond7281 number| strategy2typeandbeyond7281 number| strategy2counterandbeyond7281 string| adunit2andbeyond7281 number| widthidandbeyond7281 number| heightidandbeyond7281 number| VIDEOFLAGandbeyond7281 object| google_image_requests object| criteo_pubtag_prebid_136 object| Criteo_prebid_136

73 Cookies

Domain/Path Name / Value
skypost.ulifestyle.com.hk/ Name: BIGipServerpool_http_skypost_prod
Value: 3774982336.27680.0000
.ulifestyle.com.hk/ Name: _fbp
Value: fb.2.1700709770243.1749936114
.ulifestyle.com.hk/ Name: _ga_S71J3438QJ
Value: GS1.1.1700709770.1.0.1700709770.0.0.0
.ulifestyle.com.hk/ Name: _ga
Value: GA1.3.95362296.1700709770
.ulifestyle.com.hk/ Name: _gid
Value: GA1.3.1034550624.1700709770
.ulifestyle.com.hk/ Name: _gat_UA-45611067-1
Value: 1
.ulifestyle.com.hk/ Name: lotame_domain_check
Value: ulifestyle.com.hk
.criteo.com/ Name: uid
Value: 07c7e78a-26e5-4fef-872a-ec64e9d4f894
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.openx.net/ Name: i
Value: 1789fb2f-be75-4896-a689-9a9627baf1d5|1700709770
.doubleclick.net/ Name: IDE
Value: AHWqTUmj-t1g7RcPJJpwGA9Wug4ZASAGyPeMwwy0jTTDlW9lxot1mYU7CXjnl0A3vrk
.ulifestyle.com.hk/ Name: __gads
Value: ID=d99d1b6563fc9bfc:T=1700709770:RT=1700709770:S=ALNI_MYDU_TML-Ek6t8eK8e6Boe8HJL4LQ
.ulifestyle.com.hk/ Name: __gpi
Value: UID=00000cd89979a03b:T=1700709770:RT=1700709770:S=ALNI_MaarDuukHbRQr1v6TQrHobzRdUQBg
skypost.ulifestyle.com.hk/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.ulifestyle.com.hk/ Name: _sharedID
Value: 44601fed-0484-4e06-81c4-7b85af44d44d
skypost.ulifestyle.com.hk/ Name: ucf_uid
Value: 25d79635-eb14-494a-b0f1-d2c0b49dffa2
prebid.a-mo.net/ Name: _Amc_b
Value: 0
.script.ac/ Name: __cf_bm
Value: PC13.GQ70TffX2PR5r51Q2pbgHrWj_9UvATXXLtr0PA-1700709771-0-AbowApXxHTaiSaHvGVkuEt6EOEbni8d3ShDa+6VoBXOoLsyRb4KgQNmpLXU7G4b3+5LGyh2bH+vGDEIgxgoahlQ=
.rubiconproject.com/ Name: khaos
Value: LPAMOQBC-L-GFOQ
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qoTfB1vNHqbcC+IXqvPVzt4X6LBWwGzep2k2NKlEueGiCN9+pZ3S3kf6Xbl6rnF+7hFprODm7hvUbIhQldn3Dnk6fKss1Ny+tQzw/HwJr6y/yGROcaEBfnhvsVAPbIH/+Hc6UO785F0Pw==
.adnxs.com/ Name: uuid2
Value: 7991369511556427666
skypost.ulifestyle.com.hk/ Name: _pk_id.3.97dc
Value: 6a8dea4e2c47d8ed.1700709772.
skypost.ulifestyle.com.hk/ Name: _pk_ses.3.97dc
Value: 1
viselb01.hket.com/ Name: _AISID_
Value: 20231123112251A57EE70E1DDD833A45452DAD226A66F3
.ulifestyle.com.hk/ Name: _AISID_
Value: 20231123112251A57EE70E1DDD833A45452DAD226A66F3
.betweendigital.com/ Name: dc
Value: was1
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.betweendigital.com/ Name: tuuid
Value: bdd746a0-3761-5347-bd5f-654dd801a0c6
.doubleclick.net/ Name: APC
Value: AfxxVi4cmF-y_sqPjdLKVDdfOBM-K2qiHxOQpUmMNDCP-Z0QSXI0lg
.adtelligent.com/ Name: vmuid
Value: ede0b672c2d525c2
.doubleclick.net/ Name: ar_debug
Value: 1
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 0fb644940d822e10
ads.us.e-planning.net/ Name: CT
Value: 1
.bing.com/ Name: MUID
Value: 363A5271146568B607D341A31565697D
.turn.com/ Name: uid
Value: 9174116025982367635
.adtelligent.com/ Name: a754412
Value: 0000EEA
.adtelligent.com/ Name: a751004
Value: 7991369511556427666
.adtelligent.com/ Name: a733849
Value: 7991369511556427666
.adtelligent.com/ Name: a584890
Value: 7991369511556427666
.adtelligent.com/ Name: a297253
Value: 7991369511556427666
.adform.net/ Name: C
Value: 1
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003%22%2C%22nxtrdr%22%3Afalse%7D
.prebid.a-mo.net/ Name: __amc
Value: 5_1700709771_1700709773
.adform.net/ Name: uid
Value: 1733395365844718848
.adform.net/ Name: TPC
Value: 1700709773399
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003%22%7D
.adtelligent.com/ Name: a541630
Value: RX-ac98bcf3-e919-4e26-b540-51c6d66e7382-003
.adnxs.com/ Name: icu
Value: ChgIlJ91EAoYASABKAEwjIv7qgY4AUABSAEKGQiI6IUBEAoYAyADKAMwjYv7qgY4A0ADSAMQjYv7qgYYAw..
.casalemedia.com/ Name: CMID
Value: ZV7FjXUo5XrhCi9yEsUUZwAA
.casalemedia.com/ Name: CMPS
Value: 5125
.casalemedia.com/ Name: CMPRO
Value: 5125
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C$Ql>..J!]tbPl1M>e)ZlrFUfJ+tGXxp?LYQGv:xWc#F9%s*Mui<uKCO?x_=[D(rtA3>%nugO%v4VB%no.`*B2_k
.ulifestyle.com.hk/ Name: cto_bundle
Value: A0li_19WJTJGOEVKc1hQZVRxSHRYNEFDWUJQS2tKVnpyWHMlMkI3TER3ck00TWdUbHRxSHdQZkJYdzA3YjBLRTkwcm1oc3htSWhDbUJBUkclMkZyaDdPaWNGRklzblh4Q1dwT0diM3JFUVdLcTMxcHY5MGxuTHNVcm85QkxvUUtOZkVCJTJGbmdCTERjTXElMkYlMkJlV0VieVVPSCUyQkxVSnk5SWVwTnFHYzZUNHI2NVlNRDZ1Ulp5VHg1YyUzRA
.ads.pubmatic.com/ Name: KCCH
Value: YES
ads.adlook.me/ Name: adlm_userId
Value: c35ec95f65804c109a2a3f1f973fb0fb
ads.adlook.me/ Name: adlk_cmatch
Value: btw%3Abdd746a0-3761-5347-bd5f-654dd801a0c6
.betweendigital.com/ Name: ut
Value: ZV7FkQAETZDYKEj_Y8OdAFtPJIlvDBrlV-vtIg==
.creativecdn.com/ Name: u
Value: vwgwKfuDsK90bvUwPOEg
.creativecdn.com/ Name: g
Value: vwgwKfuDsK90bvUwPOEg_1700709777391
.creativecdn.com/ Name: ts
Value: 1700709777
.aralego.com/ Name: gdpr
Value: 1
.aralego.com/ Name: sspid
Value: e13220c0-d222-3202-9fc7-3a04e7df32bd
.as.ck-ie.com/ Name: CID
Value: effd5dadbacdd0470c5a9f29333d5ec2a6931f0f
.bumlam.com/ Name: suuid3
Value: IiQ5OTE1MDhkNC04OWFmLTExZWUtYmJiMS0wMDI1OTBjODI0Mzc*
.smilewanted.com/ Name: sw_user_params_infos
Value: IHul%2But7MDOck7CaChiyLNPJuOf8ma2ebusziOjKFwrBLJnTRYoWHmlRYpwYvky8BWi0U1tJpF5MK7hdshN90fdDD6MzjqcGXTDS1vV5WTe2j%2FgaueLIQroPYBp6eSNQJGppPVhuSdTFOjX3kh30y07NQmHzHpDL%2B9X2%2BB9PTp8Q0FbqiB69yJNJ6ToPfiISgxslMUDj5bi7TsQLSIRjYGQ4VeW2yr4w02w7wCD2AISr2KEg4nZE986weYOKpv4E0BEiPdVHg4jXcbqggez3FMmrYule%2Fgh3%2Fjcxu091Lp81R2jt8IT%2Bct05cuhP1iIOw8TLgLMaiox2SzEXw86mTpJARVRaf48mB6LnEdYCRc0j0s1OhiPgg1wmQjtqQxWIJCOZhyyTbuzC8Uh9htvDCw%3D%3D
.aidata.io/ Name: __upin
Value: Xn3G7KlJ3ZG9S/KtwA+3iA
.aidata.io/ Name: __upints
Value: 1700709777
x01.aidata.io/ Name: adsnpr
Value: 1
.yandex.ru/ Name: yuidss
Value: 6624123141700709777
.yandex.ru/ Name: yandexuid
Value: 6624123141700709777
.tns-counter.ru/ Name: guid
Value: F4216828655EC592X1700709778
.adxpremium.services/ Name: uids
Value: eyJ0ZW1wVUlEcyI6eyJhZGZvcm0iOnsidWlkIjoiMTczMzM5NTM2NTg0NDcxODg0OCIsImV4cGlyZXMiOiIyMDIzLTEyLTA3VDA0OjIyOjU4Ljg2NTM4NjA2OCswMTowMCJ9LCJpeCI6eyJ1aWQiOiJaVjdGalhVbzVYcmhDaTl5RXNVVVp3QUFcdTAwMjY1MTI1IiwiZXhwaXJlcyI6IjIwMjMtMTItMDdUMDQ6MjI6NTguNjI3NTA2MzkrMDE6MDAifSwic21hcnR5YWRzIjp7InVpZCI6ImVmNWM5N2Q3YTE4ZTkyZGIwYWViNjA5MDEzOTJmMGNhMDkyYzJjYWI1MTg1MTBhNWE2MGRmMzgzNWNiZjBhZGUiLCJleHBpcmVzIjoiMjAyMy0xMi0wN1QwNDoyMjo1OC4yNzkzMDA1NzcrMDE6MDAifX0sImJkYXkiOiIyMDIzLTExLTIzVDA0OjIyOjU4LjI3OTMwMDA2NSswMTowMCJ9

4 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/safeframe/1-0-40/html/fake_image.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s.console.adtarget.com.tr/sync/?aid=755289&gdpr_source=none&refer=https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Message:
Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)
network error URL: https://s.adtelligent.com/sync/?aid=651796&gdpr_source=none&refer=https://2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com/
Message:
Failed to load resource: the server responded with a status of 451 (Unavailable For Legal Reasons)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0; includeSubDomains max-age=0 ; includeSubDomains
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2c235d32b49c7a332692bd863d4eb840.safeframe.googlesyndication.com
59362a77c0aa6d870809addf552816bc.safeframe.googlesyndication.com
a.ad.gt
a.teads.tv
a.vidoomy.com
aax.amazon-adsystem.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ad.yieldlab.net
ads.adlook.me
ads.betweendigital.com
ads.pubmatic.com
ads.us.e-planning.net
ads54.adtelligent.com
adsdk.microsoft.com
adxbid.info
ajax.googleapis.com
ams3-ib.adnxs.com
an.yandex.ru
ap.lijit.com
as.ck-ie.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon-fra2.rubiconproject.com
beauty.ulifestyle.com.hk
bidder.criteo.com
c.amazon-adsystem.com
cache.betweendigital.com
cadmus.script.ac
cdn.adnxs.com
cdn.aralego.net
cdn.hadronid.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cdnjs.cloudflare.com
cm.adform.net
cm.g.doubleclick.net
config.aps.amazon-adsystem.com
connect.facebook.net
contextual.media.net
creativecdn.com
csync.smilewanted.com
data00.adlooxtracking.com
dsum-sec.casalemedia.com
dw.hketgroup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fra1-ib.adnxs.com
ghb.adtelligent.com
ghb1.adtelligent.com
ghb2.adtelligent.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
googleads.github.io
grid.bidswitch.net
gum.criteo.com
gw.geoedge.be
hal9000.redintelligence.net
hal900017.redintelligence.net
hal900021.redintelligence.net
hal900029.redintelligence.net
hb.aralego.com
hbopenbid.pubmatic.com
hbx.media.net
i.clean.gg
ib.adnxs.com
ice.360yield.com
id.a-mx.com
id.hadron.ad.gt
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
j.adlooxtracking.com
lb.eu-1-id5-sync.com
lexicon.33across.com
match.adsrvr.org
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.adlooxtracking.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
prebid.a-mo.net
prebid.andbeyond.media
prebid.media.net
prebid.smilewanted.com
prg-apac.smartadserver.com
prod.tahoe-analytics.publishers.advertising.a2z.com
region1.google-analytics.com
resource01-proxy.ulifestyle.com.hk
rtb.adpone.com
rtb.adxpremium.services
rtb.openx.net
rtbdemand.apiip.net
rtbpass.andbeyond.media
rumcdn.geoedge.be
s.adtelligent.com
s.console.adtarget.com.tr
s1.adform.net
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
skypost.ulifestyle.com.hk
ssc-cms.33across.com
ssum.casalemedia.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
sync.1rx.io
sync.adtelligent.com
sync.aralego.com
sync.bumlam.com
sync.dmp.otm-r.com
sync.smartadserver.com
sync.targeting.unrulymedia.com
sync.teads.tv
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
u.openx.net
us-u.openx.net
user-sync.adxpremium.services
vid.vidoomy.com
viselb01.hket.com
vpaid.vidoomy.com
wrappers.geoedge.be
www.bing.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
104.18.36.155
104.22.69.131
108.138.1.25
108.138.9.235
118.143.30.151
118.143.30.166
13.215.0.207
131.153.158.209
141.95.98.64
142.250.185.130
142.250.186.166
144.76.104.53
144.76.238.55
145.40.97.66
15.197.193.217
151.101.129.108
151.101.193.108
151.101.195.52
151.236.118.210
159.69.70.9
16.163.169.164
162.19.138.116
18.198.246.226
18.245.60.76
18.66.112.106
184.30.16.195
184.30.17.243
184.30.20.22
184.30.21.51
185.106.140.18
185.184.8.90
185.64.189.112
185.64.191.210
185.83.71.234
185.86.139.102
185.86.139.58
185.89.210.20
185.89.210.212
192.96.203.13
193.3.178.4
194.55.244.181
198.47.127.19
2.16.97.41
2.18.160.23
2.23.78.67
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2001:6d0:4001::226
209.192.201.180
212.36.83.246
216.52.2.48
23.201.255.110
2600:9000:223d:2a00:10:43f:4352:ad61
2600:9000:2240:2e00:2:d490:4d80:93a1
2600:9000:2250:2400:a:e047:753:a221
2600:9000:2491:9a00:4:b37b:9440:93a1
2602:803:c003:200::51
2602:803:c004:200::154
2606:4700:10::6816:34ad
2606:4700:10::6816:3556
2606:4700:10::6816:4192
2606:4700:10::6816:545
2606:4700:10::ac43:17ea
2606:4700:20::681a:567
2606:4700:20::681a:a19
2606:4700:20::ac43:4bf1
2606:4700:4400::ac40:994e
2606:4700::6810:5514
2606:4700::6811:180e
2606:4700::6812:1691
2606:4700:e2::ac40:8513
2606:50c0:8001::153
2620:1ec:46::45
2a00:1450:4001:809::2001
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2008
2a00:1450:400c:c06::9b
2a01:4f8:242:57ce::2
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:f500:6::216:5bd4
2a02:6b8::90
2a02:6ea0:c700::17
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
2a0c:5c87:5237::2
2a0c:5c87:5239::2
2a0c:5c87:5241::2
3.127.95.101
31.172.81.159
34.102.146.192
34.107.231.31
34.120.107.143
34.120.63.153
34.95.69.49
35.227.252.103
35.241.31.249
35.244.159.8
35.244.193.51
37.157.4.28
37.157.5.71
37.252.171.53
44.231.226.65
46.228.174.117
5.200.43.243
51.38.120.206
52.19.208.136
52.48.81.28
65.9.66.104
65.9.66.75
67.202.105.22
69.173.144.165
70.42.32.31
76.223.111.18
8.2.110.113
88.99.219.174
89.108.119.28
95.101.149.233
96.46.186.57
98.98.134.241
99.86.4.128
002d2171a43d4e05579e2db6040c5d7d6d274fa2bb94f802ff861ad59418f6e0
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
0273be73e95a39baf357cb835560edd63cabcd9f3d36c31e4df2afb3850afbe6
029799b41b6f65997ee2bd3b29e68457bff53c5c2fc1ee4026441e79522953eb
02c59db0731b0bc5227b6f889af4785ed5fbd85dce45c8436a1b084917926b4e
05898c09177167ca418f3a10ad616c62df32d73534991f7d3f81106f91412d40
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c892a75aec057a1be47de0096ffd1c92f8333770440f6d956842d936952bf8
0771c19c407aac665a7b2c8eecf0709b0990dfd62358a4dc9f373fbf56404878
07890ffc57807cc06abe9b7de4172a47c4a80dbdeb02eecab7f84011d0771a21
08036b12f5e6064f2ec22561fb51e498309d0b3101422707dd12bb8ff17c23b3
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
086691700a9c65149e633342fc9492e9a3ac65e68244f050d296c8cd1004cda9
0964abb17f49c813923e9a3f0f18523d79d83a8ea3e1e29f07b3c3e2d5fc8ffa
0aeb1decdb629f8f24ae2e1d8143a5a18bfc58eb703d0d3092fa42b8553ebe89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dc263d082aeb5d24a27f0aa073bdcbe4c53447206b651e9f157cc550520cdd2
0e66f2b77c627e68cbb02aba29dab4ce4b2fa721284a4c651207d06b143bbef7
0fa1b03ec2913e314e77600cd518cb679b567dd36e7d0fb943293ce784115329
110cc45a86a31a5f20d26a85ac76a5fe104679a252808455075fa55390f63993
12d807fa508444da8401a9e0889821ae894e35bccfea991748db1fde0f6935ee
12db6710704be359f07f6c1e2bcb3955a3fd0ed332d59586cb0c38c6858c7312
13320bdfeae996f2492e02fb11715081b75a38637294875407b3e761a763ddb8
134364b437a1aefa3b7d7a4ef36b295bedf271a1bca2a87524913e733256ec07
14597c12750ea6b0b8c8850329a57f144bb2eb672d1877e7821775f08a2b3601
14c52b4f1daa1aa3a92d960a311d4518da07e80b7b1a443d3f1a55c0968c99a0
14cd90dc210dc1bbfc534d5306028e3720dae279385da08eeb52f6d6ec131539
167bb06303fb9d90039331f95011a134c69d73deece55d000a722a71d5db1068
171b8a155daf4a0a555e47444a8fa64d018040a3af097fb9dd9e23b7d591cc2b
175fbcebe8029e8cf3317e975e780e0f3c87636872b9cb7f1b8088eda78e0be1
179b15acd8ca0536aa7e1ae6f4ce41fbb98e38c422de982b5667a7ab74b1c677
17c893ad6bb1638d92c2c1ce6880e1cca66643833e6e0181d757e408bb02369d
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1ade89ad9704a077e9296a84bb7b84528d0872c4d291f7352fbf7dd87b34c604
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d1291048a328ae3397677304ea025819c3e555cf5d4bf9fd09d6937515468ff
1d2686d2f2f97b8b72e5b7557cf090bafb1a214ea40dcb23e3f5f168cb7394e3
1e62bf3991551fdbcb9d0855ed93536078ad9754e9c2354e5c40623369d6ee5b
1ea1bea920eff31ce7a0b188ed36f593ac1a6c4204b715cf3f788da4837ee8ee
1ee8ec3167fd87372533a7cc8a396d5c5044c5244b03e29d6f83c9a86a581bac
1f730486c300f81a8d7ed7ae6f664f0eaddba52e7ea6da8752e0e990d336b1b6
2106ee53574ad968420d53c9f003456544987d87c7cf42d310d6c86c4dc6f72d
221486151b152d32029a30f831ee232e832e37bf800e185c09d329a11877f354
22a1257891d7523261ed7426751d43a5dfeb83e2211aed3b71f085b5a45149ed
230f83090079e9718f73d7a9e7e3da305a1adea0d51ec771eab6dcee48e6beb9
23e6ff9c64368e7bf2923ce774ba68129d7533523280a225a4c41d33ef7cbf6d
24f3dba78c31c5d70638101d559216361f0a1b8e2ce168a784a57bafdc971f86
265088dac706e7d3a7200e6c83b6714dfaf3f445eb35db0977f16dc3ca4beab2
27d92130c0321dad5a03760fd5ac98a3d04ed4c94d88418fe6d50da1f7fc5cbe
289b2fe8a78f869951e8b5208875d4b3608d09113490e99fe3353312a96493ba
2967727053e62e755b40702f3825e45e7856ac6438e088ef984344e22044936b
296b3d8e9fa36733999a69d6e630bc6361ea23dada8c98a0e48d34ba7f7d0ed2
29713a046e7f0e61220813ddd475ede4aaaf8545dea6d6fc7324baa2e5f5630a
29a3e90558a8c3081d5cfab8aea09d0e507abfaba3a202613e080d486deed0c6
29c9be7ac04f77d01cc90b118d52545b326d67928cc5d903f2c164fbbe9d50cd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b6b53229fd9528d67b19f000808a41a7531aeb6f4e1f3da7b15e98e3926ad2d
2c1627bb9a605508d14cf51ebecee8952541cf1449a9d3f1b36caac1a16af641
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e744a66257c7c975261db63da2cc0b344ff2a82621849aea8c8c7019337df51
2f71ffc212772a83f001af8427b24971df177941530fa601407e24ea298d4daa
30049b3a8c465a40678568180556a1a0c7db59a6ab0eb3f00aa5fcc2f047508b
30eabcc9d1eed3e9c7e8da61b10e876fc049dc80193c1071e7edcfd0cb2b780b
313d7bad01577d169a368d471264cd2228b145a183fba42679f41e1d2b2a9f27
31e290b06113d4b8c9b95fe634c5081ab12b98f9af10a964c123ad27d016b404
323dc26f8ee0afc0d832dbf81b96ac54e90a27a9a1b957ad0b7720f48e16a0b6
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33b330a25abb736e839db1436956557f8df2513a3a2ed53cafb266b439c72c31
33db671a3f0a17f4336ad2a1e76e25b7384f15e376f3e95839b3f4b26bfb4f94
342d4b1d3850e680bd6148ad9c140c4fdb1a3260f8beef144ec6e751dbd99e83
348c5b8358bc319c37e0d1a41bae3a5da2c0f374f503bb3826011073fa46928f
34956363f00922beb753859cb7dd0cf747f7ddd404bc740ff5a271bd9296bcc7
3579b5f61efadbc1ef7cee42628caac5ad2e314a6e2c2ff67bd89c4bf97be93d
368daab67b1a5b2b2802edbbac79a2aa4ba992a2ebf9c67b98ad784d8004018c
36abcc22b21374ae58cb45bf18c9836e2b680d63424d4eabfebcd255c7db9822
36d67cab17e2369e83e4b4fa172034fe367c8ce161938c54117d0049292997b8
37275e1fc5b5794b30a813f92291a5ab070b71df748575bc21655c847f9de9e1
376d6333bbcb039779f9d30a7db1c8f66f928dc72bd2db76d62349b4b079e8de
37bc930c63149650677d732eea9526432bd8494c55737f45c98e7f8ad7c1e7ff
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
38f1048becbf634666bdf693feb407fa12dc03c59a7e354b5a25a78db8a06353
3cd3e231c218db08c50e1985e14dde445be53587951bd3b03b4b3428aefe955e
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da787ac4910d66de14aa1da8a7b7acc0cf386b7a3dea3a27af958672cd689c9
3dad89bd01783443195a892365b91096da2f6ebb36b2169ab32af37344c82f1f
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eba1618e517859a3a40090fc5d76616f90ccdd2202f90b446ce9cea11a2ee8f
3f444974beda618ad11ab53facf70433e3cc234e8b7c6b6c01e60a6971a98f18
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
404be4aca6eccc834ab17055a0b98cf1bcfedc54cdb385cf021793641f5afe59
405d9f2df1b22f4f56eca675991ff612eebe09f1814636c8087b272dabad04e2
4355bd391f06e884efb380a5897adb6927b0cd84dc1096719f5c553b0ddcb88b
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4415c20c8d063d287564718a849a6a844cb1b47ab029adf0c45d4ee33f9ff6b2
446a667f4198c81a4cef67504a1681bb0e0bba3548b009cbe2a905486f9da736
44d18febe35cb8ac1fb4f8844ca2228cf1f7dd452d044ba1fba77c28e0180e71
44d38c8e43376bc7968ca9431c1ead70eb9addb2822b9932251e552b8fab6122
457b9b529dcddccad8ec9362d757b4556b85d4a58f220116d63053dd65c932a2
465ea8540e3d971cbde4003ae2bd35407799dfb45d756e58cb5ea199b76554eb
46644aaad8843319dedfa3158c5aec8b184fc8b9d617c198d5cd6160df96b014
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
468b07e0336f2f65ba1d302adf3c64cfc9ad5d821908d339946291eb2c76c054
4a32283aaba0418ac1b0953af32fbe71948d43e7cdc08abeca552a9373809087
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c5deb0904f253c7bd6b52af0d31a8e7c6238937164d87f008026d79c416be6a
4c8fe936e012d2d229577704c34c41a451d7a98aa5c2566ea5c3930aa7e3f40f
4c9b3c6e66b9aa9863afbd80737217835fe23954441a6e19cd68b8949ff1f4b0
4cd9d7fe6bef9e82616b20d2c4a7a9842652ed469b704922e4c682f209754768
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e26774c8b30fc06ede8cef9ee5f20d4f450103149a820b45de770ff1bba8ceb
4e6b1060a3c5b759851db2f01e2adf23dd572f4b9e163f9db8c1c9f8e606aa6a
4e7e1c16e351e7bfc80cddef9f98e99113ddb0d1e201be00d53955fe62f0e523
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
542f3942e813d1ceb95e66669082a2242e16f5bb79d3cbaf7d9225c8dbeb69c4
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55235a5c4a15bb1ca9d9d93b9ad4a6ffcb22fc63bf60aa4054f64fb9e0f626c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
567a4b8851b5e75837cffcc8761e804b601aca1f655bbe88394ca9e4e00e1562
58731c790dda2344ce5c8624304a666109685afdb7c7afebe91be0878c04fe9c
58a190b59bc5893fa1f777d2908275417cfb88b820fd3ca445e39daef5c75ec2
591cdb9ff82d46b2c77dd3c4a260bc38b0e03d2303f86f3ac7805c3efe958109
592b1627edb42210d91ebe730f62069cb082f04dd25c4a63da955ac597b8c432
59fcb8680bd348b267ce55ee0bec307ef332749fd3cb621060f6ece9471ce6e9
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
61496aa1a9c3d26cfc292b41fc451a597a47468117c1fb258226a57296390433
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
625a9658a316b6dbba0c0c403181aeaff4e3b7ee48309f50a88f9445ab09d02e
62ba91bcbf4403efc35deb4443450ce793518486661f628c3260bb29d5d3444b
63c910a82d2153ab1072197d4d1ec4803534509f18601b7eaf96cd363736ca9c
63d8d638dec00fe4f552b8cbcf287532c1fbd482b59b5471e268fdc7054612ff
65f969e065de909cb9642a0a669a156ffc1f14b2c5405f50b21ae4b3b3dc9e02
660dc0188eace48376ad5612eaddd6e8767dcfa7c718763a9bbea64240c4c6b2
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67172680649ba6635cfd212de449379353aac8085e681d279c4c8383875d0b18
698d5df68d6a11f141e23862c8ca6da810e401d3084441ab5a662a1077725daf
6a7617bd8b5dca30224acbfed56b2e3aabf2c6fb6f83b70c875f57ef0ad76bd4
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bee2907714effdf2cbcf57a7c1863465c0d070d310d911ec064358fe1e38ed0
6cedae426a644c22aecb56ceada2f2abfbe8252d105bde348f9821b0c9b3aeda
6cf78fe6a8c78cc6924428dabd506a14966dcfc57a2ebcb7524edf93119f081f
6d81b675349fb20e513851f5676ea7c44cdfc98a193d636323f32aba90e00201
6e2a76138f083849e39f8d2d1c6d881bcc895298cace4f2f11c8d7b2a02ca27e
6e6de1ef238a3329acb31016abc8dfbdab5b085ef3516884ca7555e4e67f9bfd
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f69db702fbdeba145dd2c840f15e8d9faa96cbdb154ca40d52272d7b42cb4e8
6f7d9ab7e42461cab5d8406139bd8353e20887a1a4ac00425ee5bc9ac2c2b35d
6fa07a907599fc242e3a606054fd52050005caa4609e55e6c1f2a7a8d30e39ba
7041b1fd49fbbf4c98023ebc17d4cfa3111def4311b3b060f916de12ef2ba6b9
70e166b1b965e929f57322d0f3f852976912ddb24f95d3216d3aa377d81e2f6c
713b8d605d9725a62dfff943e853161569f900a8620e254b47977245a21171f3
71fc7a9e6cfbe62e1e13cef84f6a3da37d124b5b288b5004325661bb4196ddf9
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
741f40e06eb266d4d32e3090335553cb5e35d39665585657e754d0697a62ce09
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a4bbcf759335d2abbfcff4d9d7c950b5dff849d914b902d65daae2f0ecda5c
74b4cec3d2eb241fefcbf81f477e5580fbbbedfebe07b4d54262f11e5f39d782
75d1bad12957d3102a1f45e6f6c8e77d9c38f5b89cc3decbed2255b2e062ee09
7713183ba1a38b1ea2be2d5f7d3d49dab7b8d468cf78a603e6517ffbd1f33d59
778226065a9d1a1143cdf6ca00554eab008d3868996bb06f5900371146b715db
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
7935c83a94610a08661ea3542a9e2e53eda077b11a16a262fd08cd1ffccb3f0b
79b754061ea6d9ed7d152a9a3831040697bcb5d3e070dc3d807c01a948376105
79e51a1ddd6f26c846b07d8656529a95763214ff2c146a64c28ff06f37d8f9e0
7a785e8b2ad30e6279397d656a61f70ad6341ee944c310df19593d8fabd79d9f
7aa4efac2e732b308af59d7b8debb27dd2c07ec78a6d7e50b7287187312ce026
7bd3b7fa97bb7735ef19c9a9ba9f8a64dc3f580f79ea69151e970c79f6945924
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7d4df7bf752ab59afd201711d458c31acd5651054bf5d5e76d19580594fbb346
7e209423d67d7aca5b1cdfb262ae43ba4ed5c044a3cad2c578a7ef03915eef28
7e5b4dd28e58e76dbe83eb2b357fdad7e54b85a9def9bf953063d5970a91ee6a
7efc28fcaef9caed6747a43bb0c2ffdb48645c989190f443b37330fff85dd08f
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8083a510108bfa2848c613baf8f1823af26a8dab1bb0907b8b0a06aebac5f226
80958b705988fc97f2179c7a83acfc7353d1145e50ffd2680bbe3e08254708c2
80c3268005aa7ea79445da7db8c7d532073d8b20864d376bedf41fce04c5bbdd
814e5ac4790a94009e57962b967630e797288b10c22a99b5007152922c62bada
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82479b21329ff01c7a23c63063cbe4bd005beeb5669c3fb2afa0da8b82101398
8264bf30b0dfc41d19bf53d2c63a8fc9326b427cf3ea9cd9b6be2696fc55b118
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
82a2ad7bb2666262cf73fefc2aaeb775065c6c19ac308ca028583b5298a57618
82e3d92275a73b7d10f1b1db5a8d1b372f9bef00af3116b07c64b355fbba6779
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
836a4c4652ed7b5e462cb50d7b9c45e727f3a0d3e488866ca5ee1c075f07f36e
84547a6105692fea5837b1651f6b179964ffe8343bebcc25361b0a6fa2e8e74a
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f62a9eaeb4e885739c5c33d4b5b479880f4b11bd3bfc322194fd80af4dbd64
85a704d0c88181ee8e32180ece55d67ae133ec87ac25949203e9fc9421628c9c
86e11bf83948069ce4d328ca366e2fc8314d093d1029cc50706ada08439e3e16
871ca577af93c4d834f8b2994a59ba092b267b5b5a1ed3f62598be4c010dee1f
88389fd24957a4486254f999972cfaa9721c31699bfa7e3003582572146c72bd
88482abc9062de636b1f0345a30a113baa960c95ecad5ccd68dcdd24d3e61578
8934b8eaad0f0c45e00dc686a235a2bbab2ef3a5f608432fdfe162c3615a7f36
8961af6e5dda83ddd1bfa5c376582c69501bea006aa200df07651d9cf352a2c6
89afdc7fe233e76817f80a51e7535910ab2e26207c03c926445fe0d9e6eb1132
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a5ffa7018399654da2edd4b433c80a3b97d086deac04e285e6da64a6eb2ef50
8a97d1c31cbf9d25cbe029b6fdbf4b5da90076692e05cdfd9fe4c40d1325e69a
8c7a896dc17a31632c176055c8c12292ea2f7734f12c216e10c46c4e22306ed6
8d1edcfc7cc1f7bdc817b465496ba9fc6b9a17888a6714c7bc0a2843465aae35
8d446f31f0d0cf042915c362bb6104ce3dad68c2c6b2d229afb609e9bb52ac23
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8e7c0b0b1c36228ba736e564a00405f72bf3b6bcfe6ac826cde2b6b9c14e55ea
90fe5297dc1c317831e03caa6c2d9dfef0208050e632b50bd865782b08147d2b
915acac60a9d3a9958f6f694627cb4e9544a8fc4b6f6682e39403351f47f1d7c
9187ba048e965aab532234ce6ed0e7aa70ab24676c118485f0c5a56cdd135f66
920a235b5d9a35945fd350f7e15b099376bfe989b25b8fd994d6a21800332c49
92df7257fe7419c603a77c761dca5040f9709e9b7a10aff316c9cbe52687417a
9489e5f11a42e488563cf12b61d78263103700eb19080b97128e49e214b90090
953a10758050b38f4a96c3672ef06affcb792176bc3bc457ffbd38d8ef193b1d
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96847f55cc527fe6d00a127ff2ac2b9b7012fd07cf034bed1e214956560d4c4a
991b917b4aba06237bd7131dfbb029798c98fd4241cf366a91914f911a669075
99c4977a696a30402208dfd301527aa731afb4c22613f748a516be8bfb1462f7
9b64b0ee7f30a386bf838a308feb90a73327fd94c6260788280b5a03a056cdf2
9caea9b15fdb674a6de13762e5434fb4e510aac8013f9977fbe40225c039f17a
9f7a97ee90e3bf0d416db4ef3985282a52d6b13b41d8b0d89a22f4baef188198
9fdb69e7e1ea61be2e37d528e724f3756f79446902b89f4e8db5fff26e48d032
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1760175c4829fcfa5c9961a397a8414bb3e0f06588f9b6e2514c2f46c8fc849
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a6185609835a581b28e6d651df223a3458b64f732623accc9ef1ddb404f2befe
a61ca2cb7c77299959a5d21d96023b4d44ae106071ef64cd2416cc9953ae1895
a6bb08a5e63caa34a8b3e515b8d9c54006aa42674b139d945b55d83850ca87b2
a796397d457dfba0f0ba74e2ea9c974dcf4afcc5dc6833236fe5a806d3e35bd2
a8be383cbb1a472f684d4f64314933807dc81f7263aac886ae651b67fbff109d
a999db52b0dbdbbb664ad9db1e747ac1aa6071fb0032b3c1b3f9386fdaa03d4f
aa50ddbbbe806d87737618e1fcb47c57a45ca450290ef4a1d6e07773fb036fb0
ac2a80a1ba5aa5672593236085bc91663e4de6e4b63131085d0b78d1353c31e1
ac396b2da65963f1c8d7b064cdc5760e0dd023e2120eff8494d099523a434550
adb8a23c40c051fa009635c795d0c498fd1a85f4cfb05fafcded5d631a8ff675
add3859e90da4199720a3123a57042750d07f825d0330887a8b85fb262a12089
ae6e1907b40fb8c0202e2d1cc00c53c3eaa391577691a86858e81cba2360a5ec
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0472a3f1e3690d27e55c538fcbb9aad5a347bf67964db23bf26affcffd0c035
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b05155416aa1689236072fb1338ceaefc9809a849bda6588965f5979e8a01aa8
b0902b81e94b6897f5fb84ac00b890253e072a6ae2c88ddd4cc64c229d8e794b
b09771fabe52bf60b39f7d8fca97f19fac900951bfffdaad1e7ace151fa82482
b09e392e6dbf849518e28b0fc0cd8e57b80d3b80a4702597d7214a90f94784fc
b1311b082b4aea926da094ddd2685db21e91124f0aa059967253f716067393b9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16d509bb6b3deef1c00b6248347968aa2e30b77cbaf9393c151684c9fa86010
b1ae991c28fca9bd42a593edfe73f33389cc97355e39dbf2c714138f08e0a65c
b1cdc0cf76bdaac07b1471ef56a34299aab7a6bc923b56fe7a36d86e81af8c0b
b1daecc7b0b9751a330e055cf22a23bb1d6889b303324c4a35ca0f688dcc1170
b1fa3db14d5339f07b2876a6728e1ef8e90fff70b25e8681f7162f20dce25027
b2603db612734d1b3e45ac63a591710f57a02fe3319bd3ca88d318fb2de9beca
b26e332ef609c32b216d7f4382cefece45ce43738278d72a9ab033a7c4394a11
b3221920f17047d3fc1c2035662aafe25cf33cf7a53539b662e1600e26389b29
b3846c3ea537df021d93646abd748e8e887baebe99cd85f8b487d85e0bbcda0a
b3d01e3942c44e6e1ac35484c39053cf5b434f8b0c4f4d2a9cd88181ee742a93
b5a046ab6554193a0a28f5358b21f0d9fab74dad235399b4c0438e2120d32438
b5a81c61d16220db2e7a15044715f1a2b9aad4cb449ce6c7d0674d93dafe3eb6
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b6fb18d41f4b9311818d70e6360c82b665ee4f91c1919864b944bef4dbb4c2fa
b845429178a6769ad9ee3d87c76e68c56751c5abbb6f9ddea34233f15ec8e2d8
b889f2c4db3c69233af59e1f97936cd0b6e8c8f93cc4da72d7dbd2eca6d1f5af
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb7c1f4e79ae1ad744f90254c0809a21f7f1af7f1c1513a72ce4b03bcb22236d
bb8c30d641cd7cbab0e6c70438976aec979c05d438ecbd82586b06b2c9479fd4
bbe846e8f5d97eea93082f92a464b92e784a9184cbd9c968b3b6632778068d4b
bcd730937eeac76804b3b4781e93a1fd5a286b7a8fd264e31a6689b44ffac9b3
bdec07be87624bf832e58245e2271d99614d6e7aa53ca93be3a5dc1dc31a30e8
be23569a73bc0e573dee6b6357ba6a92fd8e2d72196a8e2f6af6075018d6f352
bf703d837e57eb052a5c46857c403b146016c528668431a67ac6a43e9239ba56
c120371acb29bac61a92ec2ab37fbd4aaa61e80b3772e598a0b69d5920f1141f
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c2b77642f39477b49659afff1b91b1fe79ee17709151e47a97814552a455d5b2
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3186217ff9c790be8a33ae12258d890a2c0bd71ce9dd4cff81011a09fbb97c5
c35f3652c78bac5f88f72e52b9b5555f0758152c2517da0904eadf8c0b880a84
c3cf14a803d7fdc8803ae641ea1b53695020ada8223bcd512e60db52e118f88c
c41dda83d3d2bb2daf3ef795cb9de8f40a77314351a45fee41b9426762511fe9
c459aba722553c161b36ae97e149e3c1935d4a989a80cd9fd98b2b9419ab4696
c4d5ad77746a43cc1676c326895402cc114de12d95933c21232f464d11554039
c5a6bde4e360dfba28ef07c5c0eb4472d77732aab25df5f27a4cccedd5afbbd3
c86d792f85479bc941b4eb8e817e461f88e5b57097f65c48529b509857bda2ea
c9b3df2175f6b51e8c7ca74de67d096dad198f28de115078f9332fa3fb379ab5
ca91b3677496e8f1e4704305b85507390b8314a46c17cad6f3ec03d4c08c470c
cace4c826223e764f2556cb22cf365dda4449c3b886f19a34ee8a3499b8a86d0
cad7ae6fedb8a4e8995da0b3858c27428768d0078d56359a2d2e26331e613a66
cbf2228ab439f89b83feb79ea549213521a81212fde9ff67f9c73d002d586198
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
cccc31c44e52e0936cdc1fb8b7d0848f577730b6e364623f50e6f37c3dea517c
ccf7b12ecc8e9e8ffdde253ba24560e0b8742463ad4868c7659fc90968ffcb3a
cd8f0f9aae01baf9559b5da01df40a472f7650065c58da90cc14b6f4f71d96a9
ce9c8b94d88bbe9b2ba922e1d21042f8b21e143e731fd88a80d472fb4e33f79a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf940bd2489897434455528323cf66c4e3aecd5eea963f1d99d96acd452d6dd4
cfe5c19542eb1b014038f9579ef0b190098bd0a7f7398d670230ae8e3a3508d0
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0a54f0a71b126db19c931486888bb2a09c639a6ddd4b9d7d4fd027cc058152a
d0d2e098cd489ef7bc528c86de8ab5c51b5d6cdf9b76a8b08766036992f0d2f4
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d325bb803508ac6f1621fb0c146c3335fc21955f1cec21dd275d09082a31c40b
d3a7f90c98e8671fad20b48df345749b75e18c4deea652d1c456441e29afded1
d46491a15a9c3b82a70c1f7d90ddb72da09ce6a1eb29e22530e81f08a9d55320
d5d43209904eaf07e008f99cb33f081d9d77e06718e8b4ebeac92c7dbce93de4
d5e9cf649cab38d3eb06bb8d698d63b7ba5f21ce4522ad15aacc1e4c00cc62ca
d6ae1c5098bdfb081fd5af77fdc4fc796b3b527f709df92f981b8047be5f0e08
d75ac38662a824dec53df44ffdc6ff0449331959e68161e1145a3d6c0f544ce2
d8ae2cda39264b831ea5c4440e1df3be6944b2aeaf54fbfc41b6696e3624f0cf
d8dc9ff3be784339ada63c195eeb154457467685b060cb84175ec0e097f17232
dc2daaaf4aedb4c54424c6dc28ef35ca8d13287d8803e9a85f82fc94b2eaa5e3
dde6cbe139a1b61c30c174967db2c281b294f7818c5709a4585e5a893227bf5a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df10add3a056e9782c3cd7aa922faeb823b115c6d5d268d0ce5b6ce9f6103f5d
e0b721b3033feded8115fcffaecc8ba00e76acd075d840a41c44099447d98628
e0e0b37dbd0c68559d6f6f2895422cc9efdeb440f489cb66564637adc5178b31
e3824ff763de92e188d1ed35a8dacb6ff87177a7fc4c5aeb1beb873ad697c51a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e622bc16087ef71252f92e4c6fe27345f73ffdb6324e5f1283ec3b2e48fa8e45
e68247c8b25bfdb37ff78838c59a4debe84e279e27e1c98b2fdbe76a98b2eeda
e68caa042eb189685ee212820ee248d9b243e81a988c152ffed9771a81bea357
e6e6033ad63c37062d521d6b4579b08a5261f44ccbae8f662b362e9d32e1d9b1
e74b5d34704bcfe22e395df1e49182a98672e93828b1a420f72381b887f5f610
e82857f2c6dd45cf085dcec7fe5623a0350da2f98f49ad67290741697ab2e110
e841e017de0b064cb9e6aeb8b441052b38bad5a8ea76059de0a63c178ee5b956
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8a09c943e2d1e2d0af21727f888631df112989530c4238d98bc48122335ebc2
e90c2ee0d7e40dc5a12e34504a594435ccdb539a6db516339b051ed442f8a667
e9ce486b1b192d6f873475440598b5459986647368e95983222ef97778748abc
ea1298e995f4c8c2b97929c800db9461b4a6b7136812c94806d0b3db16c61735
ea3706d378876502dd0bb83b7ccdad0a882add917edf35e8d5877c716d904ed9
eb15de27a65d5dc8f363dd918e3fec8e621f50d84686fb2900d3c438808b92f8
eb3e12c73e4969480d831a6485ecba955dd90f44708f117e1cdc8decdca49610
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebba50e2ef23dabbf49374fef663c02de4428fd7d2b5fc16f99c5f6f71669135
ec31ec6e18cb5dd6174da8e4ae3c0f46f01afdcaa41c4f18f0eb585079a67c92
ed3dc50aa8e28ea856d113dfbd2bd12dbb09ceb4381f2bdf8dba7b14b2a00108
ed98a9fd70610c22cdd4a6da17ff6dfb02c695950cba255336333ae5d8973825
ed9a874e8b47ce191a4ad064ef65d58049f95cbb3654bc91176f87cdf08691f0
ee1eeb344d406067fa6041e23d522bd188eb3c24229006b4cda83797ff7fceb7
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0889f69a457b96d82e906ee9a3626961e347163b00e1fbd59b544e9aa07cc65
f0da4334e68369f50115c56d60be133870c6c1ada928aca7d16d28bfd3e20e54
f16e2534268cb1b33c00c914327a4d429ae66fd71cacddb1ad198221cc5a6440
f19d6e2a9a17bde8ae849c50bcbb6002579413a95b9a811f0e70e2da13c52454
f1afce9ae55246b7dfcea249c2aa3316672ed4d50fddd1a7b651e561c80565ef
f2d3b6a2a3445d6a847875ff4602632662c1f1bd34701c0a01af69df665caca3
f31fb542f10d1e3a7c13e8d89df964c8f59bf3b177362f9c37af35e37dba822a
f33d44c838ce9fbc809a221232ab7242e84f6ada2de091476353608c5ddd78ed
f414e3c1d1c10accc9c96990cc048fd4099cf51f40b83ca5309156272d0b8c42
f46fcb084eab72269483b74e8a2fc1738936373909c6c31774c5cdaf90fa6f7c
f48f869351e83d4560d4feb1ec75cbf662184a580ea4c8b5d2987e49f4f8df42
f759cefc88a2c554f946a01dfe2df9521c5c213a63495dd0d2978adf78f171a8
f7b95b66cf6a110f6182b6df6de99195e5af09f40bc04913aacad1679f4af4ae
f8c3f5777e6a2c2d7880f4e65a161b625c760fb388617eef3c31fec531db913b
f8d8c225b88ae3d0c58f0e0f099e2c1beb1a9938f4045466cdd0255cf5b92fec
f9465a31e6f0419ff8a04bf1047a3c4e32f1fa28a6f3739155613d013a3aa362
f986725e5e85fbc6951ae5313acb970aca6a369dcf031d38d0d7a93cb9c73b97
fb71b2536fbce123e9c15210c23cc0770bb48c42ac882c179a58af406fc96b49
fb7ae0f257f7da390f8c60998add4e543e1a56d4d5a22a1a494365b4fb8b5315
fd7ff74970247f3058badaed32d03b62b1d8ed8fd5bca2848cc8d55f00bfc641
fdfd4928ea6d4ac57cfef13e5190cca59317d6afc36d4d43db908106a51a5f2b
fe1c6ec36843f2bc07356bfe20b6206fe0b30bad494da069987ae174aeb0864d
febc26d7172e39981b96cb0c1656d2e5367f70dcb732906c16b50f82b8380d49