beyondhallyu.com Open in urlscan Pro
185.119.173.134  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. http://beyondhallyu.com/gamest/ HTTP 302
   http://beyondhallyu.com/gamest/HomeLogin HTTP 301
   http://beyondhallyu.com/gamest/HomeLogin/ Page URL
   

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

• http://www.youtube.com/iframe_api HTTP 301
• https://www.youtube.com/iframe_api

Request Chain 54

• http://www.facebook.com/plugins/likebox.php?href=http://facebook.com/beyondhallyu&width=285&%20%20%20%20colorscheme=light&show_faces=true&border_color&stream=false&header=false&%20%20%20%20height=258 HTTP 307
• https://www.facebook.com/plugins/likebox.php?href=http://facebook.com/beyondhallyu&width=285&%20%20%20%20colorscheme=light&show_faces=true&border_color&stream=false&header=false&%20%20%20%20height=258

Request Chain 56

• http://beyondhallyu.disqus.com/count.js HTTP 301
• https://beyondhallyu.disqus.com/count.js

Request Chain 111

• https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ1KVhwGPnCe2wGHYJ7dWdJh0H2avVae6_D9FnGuUjWak15k7ak_9Dl_tZ_XUxnKED7ngd3K0QGb40Kden5QwT_4GAORAc&google_gid=CAESEBGlQP8Dk5jRZv4jFX3AAYA&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMtSEBnQUFBRGtLS1M1RA&google_push=AYg5qPJ1KVhwGPnCe2wGHYJ7dWdJh0H2avVae6_D9FnGuUjWak15k7ak_9Dl_tZ_XUxnKED7ngd3K0QGb40Kden5QwT_4GAORAc

Request Chain 112

• https://d.agkn.com/pixel/2175/?google_gid=CAESEJkCImE9p54KDXzh8yp2g2A&google_cver=1&google_push=AYg5qPLNIV0nOS189Ex1TmIZN5EmOO7dM0pmcz0isiOcyKNzD2um6HgO2PKDWInCjIPZpSegWZ5VNZLJF3D_9a2uZjwcvL71Sbhe HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLNIV0nOS189Ex1TmIZN5EmOO7dM0pmcz0isiOcyKNzD2um6HgO2PKDWInCjIPZpSegWZ5VNZLJF3D_9a2uZjwcvL71Sbhe&google_hm=Q0FFU0VKa0NJbUU5cDU0S0RYemg4eXAyZzJB

Request Chain 113

• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPKRbSF8oU-SquWBbkTJPrfEHZGX_B8cqrRbcEhF0VYDTYMsFnBOW_s_znWP5Jk_y8FlQhIpoTtEc_z4agpUZR60BxArr4E HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPKRbSF8oU-SquWBbkTJPrfEHZGX_B8cqrRbcEhF0VYDTYMsFnBOW_s_znWP5Jk_y8FlQhIpoTtEc_z4agpUZR60BxArr4E&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKRbSF8oU-SquWBbkTJPrfEHZGX_B8cqrRbcEhF0VYDTYMsFnBOW_s_znWP5Jk_y8FlQhIpoTtEc_z4agpUZR60BxArr4E&google_hm=6bCYhGluwbQZvfaWDGEhrw==

Request Chain 114

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECESIMXb8BBJSOMIfHSipWE&google_cver=1&google_push=AYg5qPLKZtS_E8hGx7Aw0Ywa3E95-VYuDjpemWxLTzb4HRT_34slyvksBT9kZPAuHTipJmPp5OkfKNjvga_mKuUcHRfehMGRdkMa HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLKZtS_E8hGx7Aw0Ywa3E95-VYuDjpemWxLTzb4HRT_34slyvksBT9kZPAuHTipJmPp5OkfKNjvga_mKuUcHRfehMGRdkMa

Request Chain 115

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA1bvzohjwU5PHGfZdw8qsU&google_cver=1&google_push=AYg5qPI13dhHhKlt95vH7XJDI0jp7WLUqsdtlbp2ltTld5gE0cM3K4wheKcXBPCGXBffBlnmaLinF0VXPVKfzPq1MrSCIOD9t-qz HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwSkstMVQtNFNBNw==&google_push=AYg5qPI13dhHhKlt95vH7XJDI0jp7WLUqsdtlbp2ltTld5gE0cM3K4wheKcXBPCGXBffBlnmaLinF0VXPVKfzPq1MrSCIOD9t-qz

Request Chain 116

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1

Request Chain 127

• https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIHEOWHiMhG-ybQ0GjagYPTHteZNp21zRdj5S_C8kdfbM5yBZWOz9UgRLLsKTSHm8jDgR79-hFCYfeBytPsZwB09zd56Vg&google_gid=CAESEBGlQP8Dk5jRZv4jFX3AAYA&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMtSEBnQUFCQy1pQm1yYg&google_push=AYg5qPIHEOWHiMhG-ybQ0GjagYPTHteZNp21zRdj5S_C8kdfbM5yBZWOz9UgRLLsKTSHm8jDgR79-hFCYfeBytPsZwB09zd56Vg

Request Chain 128

• https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJ2W2aNH4MqCWwz820VPPJPXw69RCTPMq9oB0GvvcixS-GM-4Mc5UI7AWc_ebZ-h_iSjgn4EDCan-_K1Mes0QkxaMrbUFO3&google_gid=CAESENuSO2eXfI8dNPZTDUTLRek&google_cver=1 HTTP 307
• https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPuPv4kGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKMlcyYU5INE1xQ1d3ejgyMFZQUEpQWHc2OVJDVFBNcTlvQjBHdnZjaXhTLUdNLTRNYzVVSTdBV2NfZWJaLWhfaVNqZ240RURDYW4tX0sxTWVzMFFreGFNcmJVRk8z HTTP 307
• https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMGhjZjZkY2dMVjZlbVdub3VGa2kxUnZSdnVNOVNhdXZrU3dZNU91ZkJzRQ==&google_push

Request Chain 129

• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPIG67NogyMS-qe0Ldo6To8_knseCtQHQYsxEy9zhIgq8fR0eeJkCwgd1SJYmxo_A7ccIYGKiBqTeXuh40C-J8Q5pG1yUl8 HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPIG67NogyMS-qe0Ldo6To8_knseCtQHQYsxEy9zhIgq8fR0eeJkCwgd1SJYmxo_A7ccIYGKiBqTeXuh40C-J8Q5pG1yUl8&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIG67NogyMS-qe0Ldo6To8_knseCtQHQYsxEy9zhIgq8fR0eeJkCwgd1SJYmxo_A7ccIYGKiBqTeXuh40C-J8Q5pG1yUl8&google_hm=6bCYhGluwbQZvfaWDGEhrw==

Request Chain 130

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECESIMXb8BBJSOMIfHSipWE&google_cver=1&google_push=AYg5qPJlhG_82cOoo_LO5CbG6vOMcYMIEApJs6JzPEDhijg8JazUVlxHYTKQMM6ZBv5dNe7rUEvnvYLfJT0DfNSZ4DrQKzt8HFz4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJlhG_82cOoo_LO5CbG6vOMcYMIEApJs6JzPEDhijg8JazUVlxHYTKQMM6ZBv5dNe7rUEvnvYLfJT0DfNSZ4DrQKzt8HFz4

Request Chain 131

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1

Request Chain 144

• https://d.agkn.com/pixel/2175/?google_gid=CAESEJkCImE9p54KDXzh8yp2g2A&google_cver=1&google_push=AYg5qPKwyhgjvJ6i10AuvViaH3xyQL9EOH5sDVl_T8tKp-4d7Z75tT330iI4C08UThQdkeWSNwf_5WNsjRlnXlie23xdxrE7B8gwmFhTthSwVyd1dW8OSWd8HGw-2aLDo8tFRc-f73CCMk4 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKwyhgjvJ6i10AuvViaH3xyQL9EOH5sDVl_T8tKp-4d7Z75tT330iI4C08UThQdkeWSNwf_5WNsjRlnXlie23xdxrE7B8gwmFhTthSwVyd1dW8OSWd8HGw-2aLDo8tFRc-f73CCMk4&google_hm=Q0FFU0VKa0NJbUU5cDU0S0RYemg4eXAyZzJB

Request Chain 146

• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPIATLhAVzRGqoX5dxk06IvoyeslCu45SVWl2sOAbIj5JdeCfbu4h2TQ5MrDOPh327BUoqh8xgnqLQc3p-70i6Sy0Cv4WKKD4K0XJDcsUQjUEmpMhzLJYNkk8GtvBW9xBnzYQXD6Zig HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPIATLhAVzRGqoX5dxk06IvoyeslCu45SVWl2sOAbIj5JdeCfbu4h2TQ5MrDOPh327BUoqh8xgnqLQc3p-70i6Sy0Cv4WKKD4K0XJDcsUQjUEmpMhzLJYNkk8GtvBW9xBnzYQXD6Zig&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIATLhAVzRGqoX5dxk06IvoyeslCu45SVWl2sOAbIj5JdeCfbu4h2TQ5MrDOPh327BUoqh8xgnqLQc3p-70i6Sy0Cv4WKKD4K0XJDcsUQjUEmpMhzLJYNkk8GtvBW9xBnzYQXD6Zig&google_hm=6bCYhGluwbQZvfaWDGEhrw==

Request Chain 147

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECESIMXb8BBJSOMIfHSipWE&google_cver=1&google_push=AYg5qPIxIzHBst7ctkx31VYmv3ysmMZ4l_0iLMYPwkaGRtYeEw8cIHE2aiFt_zoKid0etgYDxL5oilSA6uPGMOAIL3CEAwrI_Ycnz6Xcenu_0d56dVAw24FgzZTORsQpCduWVVHLmpr8T-E HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIxIzHBst7ctkx31VYmv3ysmMZ4l_0iLMYPwkaGRtYeEw8cIHE2aiFt_zoKid0etgYDxL5oilSA6uPGMOAIL3CEAwrI_Ycnz6Xcenu_0d56dVAw24FgzZTORsQpCduWVVHLmpr8T-E

Request Chain 148

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA1bvzohjwU5PHGfZdw8qsU&google_cver=1&google_push=AYg5qPL9MiDajPm-FKc8oEkdqr9S5ClT5wj08lIVY-u0P_URfMu6hkrMrSRbAsBmMft9Tajt9nakh-JwIvq0oFB3_MoRjU-rzx5-WsHMyp-88SAw2rsw54N0SqXWhnjZO3MzLvnZ2FtHCQk HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwTFAtMTgtSTk3Rw==&google_push=AYg5qPL9MiDajPm-FKc8oEkdqr9S5ClT5wj08lIVY-u0P_URfMu6hkrMrSRbAsBmMft9Tajt9nakh-JwIvq0oFB3_MoRjU-rzx5-WsHMyp-88SAw2rsw54N0SqXWhnjZO3MzLvnZ2FtHCQk

Request Chain 149

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1

Request Chain 150

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEICCUNpmjHew4PnXWIwvrIk&google_cver=1&google_push=AYg5qPIRZjqVoEjGJfoOXsLHCu_YqWcjX5dwlhHFQSZyqZXtchgm5RyDmZvjlkaV5i1IO-3HRYKXB6jUz4mUo4Y3omu97qUlMOb0cLO8-j0h3HtKI-ON4VnW0CnPHp7v1Cul02gUwGyCbCY HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIRZjqVoEjGJfoOXsLHCu_YqWcjX5dwlhHFQSZyqZXtchgm5RyDmZvjlkaV5i1IO-3HRYKXB6jUz4mUo4Y3omu97qUlMOb0cLO8-j0h3HtKI-ON4VnW0C&google_hm= HTTP 302
• https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5

Request Chain 153

• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLGMH_FlFSBb6ya81ucdmZrs4c7uJe7AOUkqALwNz9NOYpiskAoCNMXEe_x2L-eetmTgKz2YqyJAXTQ1Ql-rrbRkHY9-IDCCwSz5yG1SVvQeJiYa8GXpHWTu9kYcljdCwXi_K3OP9g&google_gid=CAESEL8dxQKe6wkxdWvvAQ5b1tg&google_cver=1 HTTP 302
• https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLGMH_FlFSBb6ya81ucdmZrs4c7uJe7AOUkqALwNz9NOYpiskAoCNMXEe_x2L-eetmTgKz2YqyJAXTQ1Ql-rrbRkHY9-IDCCwSz5yG1SVvQeJiYa8GXpHWTu9kYcljdCwXi_K3OP9g&google_gid=CAESEL8dxQKe6wkxdWvvAQ5b1tg&google_cver=1&rd=Y HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDExODM1NDAwMDA0MDQ2MzMwMTM4NQ%3D%3D&google_push=AYg5qPLGMH_FlFSBb6ya81ucdmZrs4c7uJe7AOUkqALwNz9NOYpiskAoCNMXEe_x2L-eetmTgKz2YqyJAXTQ1Ql-rrbRkHY9-IDCCwSz5yG1SVvQeJiYa8GXpHWTu9kYcljdCwXi_K3OP9g

Request Chain 154

• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPJYJMfaTrSJHssCaQER78hNKOQyRGgc_VHQxFi6KUKXr96eH3wBNihdtUt1RSYhZfk0NBU2vpMUURtkdRU_jsDGfEORri6QMi_rIoB_ks814oBKhfC0bDkaEwT1n-olnyxUCQN6qpE HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPJYJMfaTrSJHssCaQER78hNKOQyRGgc_VHQxFi6KUKXr96eH3wBNihdtUt1RSYhZfk0NBU2vpMUURtkdRU_jsDGfEORri6QMi_rIoB_ks814oBKhfC0bDkaEwT1n-olnyxUCQN6qpE&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJYJMfaTrSJHssCaQER78hNKOQyRGgc_VHQxFi6KUKXr96eH3wBNihdtUt1RSYhZfk0NBU2vpMUURtkdRU_jsDGfEORri6QMi_rIoB_ks814oBKhfC0bDkaEwT1n-olnyxUCQN6qpE&google_hm=6bCYhGluwbQZvfaWDGEhrw==

Request Chain 155

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECESIMXb8BBJSOMIfHSipWE&google_cver=1&google_push=AYg5qPKUnHDAIgaNQb2TT38RloJdkxnqcN_u018qXuDZXQdAivD6e-lJpTr-cTJdei3bAUnkGXxg1eu6lCa_MOS1G0vuQkeodORewRONqHjhnu0GcqtdUV6nku0ra1bnviRUxJdTTLseUDE HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUnHDAIgaNQb2TT38RloJdkxnqcN_u018qXuDZXQdAivD6e-lJpTr-cTJdei3bAUnkGXxg1eu6lCa_MOS1G0vuQkeodORewRONqHjhnu0GcqtdUV6nku0ra1bnviRUxJdTTLseUDE

Request Chain 156

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA1bvzohjwU5PHGfZdw8qsU&google_cver=1&google_push=AYg5qPIT8BTDr_nGNKPItterZrKiaCaSMWTteid3yYpvyDNT8CYcgwbfg0RTQ1kvdXGZLxW3f6920Xfk_MW1VQ80mFry94hRqxfjNiO-uiu6sAiS-zupxroUj4ONFTo493gnQdvYUppf9zI HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwTlotUy1EVkIz&google_push=AYg5qPIT8BTDr_nGNKPItterZrKiaCaSMWTteid3yYpvyDNT8CYcgwbfg0RTQ1kvdXGZLxW3f6920Xfk_MW1VQ80mFry94hRqxfjNiO-uiu6sAiS-zupxroUj4ONFTo493gnQdvYUppf9zI

Request Chain 157

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I

Request Chain 158

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEICCUNpmjHew4PnXWIwvrIk&google_cver=1&google_push=AYg5qPIRbgnoe2FnFrFLASirwJ5k6dPGc5UOKF3F7oGjNvoqAZ3Kh7SXi_zhM-SN5WtSVNG2HHz2eLapUBgEizkIWRY2Z72Lcj6B7YnSAtoDTKNx4Bhq2t9VFSKU1x0nV-N0WQefNhYM5QnV HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIRbgnoe2FnFrFLASirwJ5k6dPGc5UOKF3F7oGjNvoqAZ3Kh7SXi_zhM-SN5WtSVNG2HHz2eLapUBgEizkIWRY2Z72Lcj6B7YnSAtoDTKNx4Bhq2t9VFS&google_hm= HTTP 302
• https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5

Request Chain 168

• https://d.agkn.com/pixel/2175/?google_gid=CAESEJkCImE9p54KDXzh8yp2g2A&google_cver=1&google_push=AYg5qPLtDYU2z5E5TG5oBJ9YiwgADMY0azsf5xvwtBBiD-yf28UmcoyUhulSVQBnytcIrIbRdvkS6AbPUXmqFyD7vZb6gk79p-s HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLtDYU2z5E5TG5oBJ9YiwgADMY0azsf5xvwtBBiD-yf28UmcoyUhulSVQBnytcIrIbRdvkS6AbPUXmqFyD7vZb6gk79p-s&google_hm=Q0FFU0VKa0NJbUU5cDU0S0RYemg4eXAyZzJB

Request Chain 169

• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPINAbEwQRDGEowk65CFWJIX9jTWFP-6_HZdv09R2cSEhuRfI1R_jlZQrtrhBTrQ_OWzQ19UPJ2vKPy-tMDnlUMGufJygiQ HTTP 302
• https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPINAbEwQRDGEowk65CFWJIX9jTWFP-6_HZdv09R2cSEhuRfI1R_jlZQrtrhBTrQ_OWzQ19UPJ2vKPy-tMDnlUMGufJygiQ&ox_sc=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPINAbEwQRDGEowk65CFWJIX9jTWFP-6_HZdv09R2cSEhuRfI1R_jlZQrtrhBTrQ_OWzQ19UPJ2vKPy-tMDnlUMGufJygiQ&google_hm=6bCYhGluwbQZvfaWDGEhrw==

Request Chain 170

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECESIMXb8BBJSOMIfHSipWE&google_cver=1&google_push=AYg5qPLGBKqP2RgRjoobZZxCxRe_R3EVlDvUcKxCDzD39xgc4BpZXLezon1pbC9wo2n-ypUVmELfdxnQ3b6m2A-krpy3qnOcFA HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLGBKqP2RgRjoobZZxCxRe_R3EVlDvUcKxCDzD39xgc4BpZXLezon1pbC9wo2n-ypUVmELfdxnQ3b6m2A-krpy3qnOcFA

Request Chain 171

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA1bvzohjwU5PHGfZdw8qsU&google_cver=1&google_push=AYg5qPKmA-8x7RG0c151EK6VLQ7Jgb3vu4i-pRjfYEaTcJXkHcMIAapBQAGnSwom-LrKseoscej9PZTKgqzVWdNIwM6NscClZw HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwUEotMjEtNEFaUA==&google_push=AYg5qPKmA-8x7RG0c151EK6VLQ7Jgb3vu4i-pRjfYEaTcJXkHcMIAapBQAGnSwom-LrKseoscej9PZTKgqzVWdNIwM6NscClZw

Request Chain 172

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1

Request Chain 173

• https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEICCUNpmjHew4PnXWIwvrIk&google_cver=1&google_push=AYg5qPLtzqcG-oje2gJe-z3s_rwd8W_01eVOKJCzw5NYslXCNdgYb8k_JMld5PqJSZLnbQHTgBnJCLaTD0CjInF2RbMM6tKa3vSA HTTP 301
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLtzqcG-oje2gJe-z3s_rwd8W_01eVOKJCzw5NYslXCNdgYb8k_JMld5PqJSZLnbQHTgBnJCLaTD0CjInF2RbMM6tKa3vSA&google_hm= HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLtzqcG-oje2gJe-z3s_rwd8W_01eVOKJCzw5NYslXCNdgYb8k_JMld5PqJSZLnbQHTgBnJCLaTD0CjInF2RbMM6tKa3vSA&google_hm=&google_tc=

Request Chain 224

• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidIOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aXasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKz8xam13vICFdkz4Aod8MAKog;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidIOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aXasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidIOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aXasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67d90630-0b53-11ec-b04d-692d0ef87526

Request Chain 234

• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidxab-IzyrCsTfxTmqu2VYgJsXsAP7fK9sasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKiBxqm13vICFYLSdwodRYgGcA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidxab-IzyrCsTfxTmqu2VYgJsXsAP7fK9sasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidxab-IzyrCsTfxTmqu2VYgJsXsAP7fK9sasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_6804d121-0b53-11ec-b04d-692d0ef87526

Request Chain 244

• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidMInmF05_CaZFcRpKv2H_2EewNtCCUBaNasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNiBxqm13vICFVRN4AodE8kL9w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidMInmF05_CaZFcRpKv2H_2EewNtCCUBaNasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidMInmF05_CaZFcRpKv2H_2EewNtCCUBaNasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67fabf00-0b53-11ec-9917-692d0f70657e

Request Chain 254

• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidYE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrkasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CML_xam13vICFVqy3godw0MCow;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidYE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrkasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidYE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrkasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67e56241-0b53-11ec-bb85-692d07ad2270

Request Chain 264

• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPL_xam13vICFRI34AodzAIGdA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
• https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67f05ec0-0b53-11ec-bb85-692d07ad2270

Request Chain 265

• https://syndication.twitter.com/i/jot HTTP 302
• https://platform.twitter.com/jot.html

274 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set / Show response beyondhallyu.com/gamest/HomeLogin/ Redirect Chain http://beyondhallyu.com/gamest/ http://beyondhallyu.com/gamest/HomeLogin http://beyondhallyu.com/gamest/HomeLogin/	17 KB 17 KB	126ms 65ms	Document text/html	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/gamest/HomeLogin/ Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash e8f4e88035bc4e7828828998800c05e4022ed6f67b7eafa5053b3b2852d36e30 Request headers Host beyondhallyu.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:33 GMT Server Apache Last-Modified Wed, 01 Sep 2021 17:00:37 GMT ETag "291dcf67-4375-5caf20160b604" Accept-Ranges bytes Content-Length 17269 Content-Type text/html X-Cache MISS from lin-10-170-0-112.gridhost.co.uk X-Cache-Lookup MISS from lin-10-170-0-112.gridhost.co.uk:3128 Connection close Set-Cookie DYNSRV=lin-10-170-0-112; path=/ Redirect headers Date Wed, 01 Sep 2021 18:35:33 GMT Server Apache Location http://beyondhallyu.com/gamest/HomeLogin/ Content-Length 249 Content-Type text/html; charset=iso-8859-1 X-Cache MISS from lin-10-170-0-14.gridhost.co.uk X-Cache-Lookup MISS from lin-10-170-0-14.gridhost.co.uk:3128 Connection close
GET H2	200	okta-sign-in.min.js Show response ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/js/	1 MB 394 KB	196ms 95ms	Script application/javascript	18.66.112.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/js/okta-sign-in.min.js Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 976d97e25fc4e18765ea00409bde55568473af3af80afed08cf6a4097dafefde Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 07:08:08 GMT content-encoding gzip vary Accept-Encoding age 214045 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 20 Oct 2020 20:31:34 GMT server nginx etag W/"d10e6f90c2e3f9cbbbf40dcd6456d5eb" strict-transport-security max-age=315360000; includeSubDomains content-type application/javascript via 1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA56-P5 x-amz-cf-id m8RDulRc8C_xWU-Gq-1HngP2gxbWOUDpxGsjKaHloF0hPjSa6Tvd3A== expires Tue, 30 Aug 2022 07:08:08 GMT
GET H2	200	okta-sign-in.min.css ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/	191 KB 34 KB	150ms 49ms	Stylesheet text/css	18.66.112.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/okta-sign-in.min.css Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash c39d078797265514dd92453bbf005eb4023fd97be240de15fa2b0a2f06502e7d Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 07:08:08 GMT content-encoding gzip vary Accept-Encoding age 214045 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 20 Oct 2020 20:31:23 GMT server nginx etag W/"da950f0640177df2289efdce11791b9c" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA56-P5 x-amz-cf-id GGOfA0cCyLKaw_U4jp-dGL8NIR6UkRgzl7A3j3zxi6u3K2Lhoishyw== expires Tue, 30 Aug 2022 07:08:08 GMT
GET H2	200	loginpage-theme.7138a0eb969c6a25c2d39004ad54df8a.css ok2static.oktacdn.com/assets/loginpage/css/	2 KB 2 KB	145ms 45ms	Stylesheet text/css	18.66.112.30 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok2static.oktacdn.com/assets/loginpage/css/loginpage-theme.7138a0eb969c6a25c2d39004ad54df8a.css Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.30 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash f785f5556c21cf194c575f6e70688fdf527de0efdba9aed9c004f2f40010b2b3 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 07:08:08 GMT content-encoding gzip vary Accept-Encoding age 214045 x-cache Hit from cloudfront access-control-allow-origin * last-modified Tue, 12 Nov 2019 22:30:30 GMT server nginx etag W/"7138a0eb969c6a25c2d39004ad54df8a" strict-transport-security max-age=315360000; includeSubDomains content-type text/css via 1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront) cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" x-amz-cf-pop FRA56-P5 x-amz-cf-id xJSsBOX1lSsPyBXBH-b_D925vlwQeXLUgKrwDVgFnV7KRo9BoqrGew== expires Tue, 30 Aug 2022 07:08:08 GMT
GET H/1.1	404 Not Found	initLoginPage.pack.007ca6bc5d1951a8780fd28c60794b98.js beyondhallyu.com/gamest/HomeLogin/files/	0 0	1849ms 1789ms	Script text/html	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/gamest/HomeLogin/files/initLoginPage.pack.007ca6bc5d1951a8780fd28c60794b98.js Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / PHP/5.6.37 Resource Hash Request headers Pragma no-cache Origin http://beyondhallyu.com Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/ Cookie DYNSRV=lin-10-170-0-112 Connection keep-alive Cache-Control no-cache Origin http://beyondhallyu.com Referer http://beyondhallyu.com/gamest/HomeLogin/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:33 GMT X-Cache-Lookup MISS from lin-10-170-0-112.gridhost.co.uk:3128 Server Apache X-Powered-By PHP/5.6.37 X-Pingback http://beyondhallyu.com/xmlrpc.php X-Cache MISS from lin-10-170-0-112.gridhost.co.uk Content-Type text/html; charset=UTF-8 Cache-Control no-cache, must-revalidate, max-age=0 Transfer-Encoding chunked Connection close Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	fs01fzuica2jvgnTX0x7 ok6static.oktacdn.com/fs/bco/1/	6 KB 7 KB	194ms 52ms	Image image/png	65.9.71.16 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok6static.oktacdn.com/fs/bco/1/fs01fzuica2jvgnTX0x7 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 32dcb653c56905464ea8b0844490bf85ad56343c665d3e5d0d8e00142897ff9b Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Sat, 21 Aug 2021 17:09:48 GMT via 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront) age 955546 x-cache Hit from cloudfront content-length 6083 last-modified Wed, 07 Aug 2019 20:01:47 GMT server nginx etag "5ff3a7e014ffad4e6fe9e90d129b57f1" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA56-C1 accept-ranges bytes content-type image/png x-amz-cf-id TcgW6HWzp4BEhJzgdnb1CtovZTyqs410U8jHfCYEfpN6kyHkdu4D1w== expires Sun, 21 Aug 2022 17:09:48 GMT
GET H/1.1	404 Not Found	Cookie set iframe.html Show response beyondhallyu.com/gamest/HomeLogin/files/ Frame F1E2	37 KB 38 KB	981ms 924ms	Document text/html	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / PHP/5.6.37 Resource Hash 1998c7a3174d9c1ab9b7ff949862eb77002ea673c3830b2f87ed73b5f374c56b Request headers Host beyondhallyu.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Referer http://beyondhallyu.com/gamest/HomeLogin/ Accept-Encoding gzip, deflate Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/gamest/HomeLogin/ Response headers Date Wed, 01 Sep 2021 18:35:35 GMT Server Apache X-Powered-By PHP/5.6.37 X-Pingback http://beyondhallyu.com/xmlrpc.php Expires Wed, 11 Jan 1984 05:00:00 GMT Cache-Control no-cache, must-revalidate, max-age=0 Pragma no-cache Content-Type text/html; charset=UTF-8 X-Cache MISS from lin-10-170-0-15.gridhost.co.uk X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Transfer-Encoding chunked Connection close Set-Cookie DYNSRV=lin-10-170-0-15; path=/
GET H2	200	default.png ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/img/security/	2 KB 3 KB	46ms 44ms	Image image/png	18.66.112.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/img/security/default.png Requested by Host: ok3static.oktacdn.com URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/okta-sign-in.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash da75c3f3ce27c081541dfb59edd7e756fefe054a9e0e976356c4b0d3778bb434 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/okta-sign-in.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 15:53:30 GMT via 1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront) age 96125 x-cache Hit from cloudfront content-length 1800 last-modified Tue, 20 Oct 2020 20:31:32 GMT server nginx etag "04eeeba5b3538c4524d8e6828ba2c405" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA56-P5 accept-ranges bytes content-type image/png x-amz-cf-id t110B7PPxqbd-xb4UUY0NABSoopmdlMUitEKyjCkS7sdtrqsRkbXUg== expires Wed, 31 Aug 2022 15:53:30 GMT
GET H2	200	checkbox-sign-in-widget.png ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/img/ui/forms/	3 KB 4 KB	43ms 43ms	Image image/png	18.66.112.61 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/img/ui/forms/checkbox-sign-in-widget.png Requested by Host: ok3static.oktacdn.com URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/okta-sign-in.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 40810b0318131f9ba52c83a17e633a0ac476ade66ea8a914d6c4980571397665 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/okta-sign-in.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Tue, 31 Aug 2021 15:53:30 GMT via 1.1 91dc0292eef4e22508a3ae73fe64bbf5.cloudfront.net (CloudFront) age 96125 x-cache Hit from cloudfront content-length 3141 last-modified Tue, 20 Oct 2020 20:31:25 GMT server nginx etag "7846b2f8c6d0a7ca69fdd3d3c294e92d" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA56-P5 accept-ranges bytes content-type image/png x-amz-cf-id SQ9yEw6eknF9U2VApUHUNiOsSBldToqE3B3MZe8gwClSNa7Spanw7g== expires Wed, 31 Aug 2022 15:53:30 GMT
GET H2	200	montserrat-light-webfont.woff ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/font/	22 KB 22 KB	155ms 53ms	Font application/font-woff	18.66.112.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/font/montserrat-light-webfont.woff Requested by Host: ok3static.oktacdn.com URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/okta-sign-in.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash feb177fb563f478cb8ecade71caea5df5ad318ca161c71875114e504ce304ace Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Origin http://beyondhallyu.com Referer https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/okta-sign-in.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 07:08:09 GMT via 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront) age 214046 x-cache Hit from cloudfront content-length 22112 last-modified Tue, 20 Oct 2020 20:31:24 GMT server nginx etag "6225f3ca44b83090833064727a09cc95" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA56-P5 accept-ranges bytes content-type application/font-woff x-amz-cf-id P_L2uvyDoWtw0EiLDPJmIrOTeQVWL-UjSDIpdZcG9FD6YMH7uHfCBw== expires Tue, 30 Aug 2022 07:08:09 GMT
GET H2	200	montserrat-regular-webfont.woff ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/font/	21 KB 22 KB	181ms 94ms	Font application/font-woff	18.66.112.61 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/font/montserrat-regular-webfont.woff Requested by Host: ok3static.oktacdn.com URL: https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/okta-sign-in.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.61 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 1d5325892ecf2dc3abd0caf2a1ef4eabf2477e2937c9a372760fd2acae8fddf3 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Origin http://beyondhallyu.com Referer https://ok3static.oktacdn.com/assets/js/sdk/okta-signin-widget/4.5.1/css/okta-sign-in.min.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 07:08:09 GMT via 1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront) age 214046 x-cache Hit from cloudfront content-length 21980 last-modified Tue, 20 Oct 2020 20:31:24 GMT server nginx etag "8f2822b73b5f9c106c6f2e0db820bcbb" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA56-P5 accept-ranges bytes content-type application/font-woff x-amz-cf-id dNuREEs4reogTNISi6Fk-IvYVOsJ5nACE_m9iBf_8wIi601A5L5g8Q== expires Tue, 30 Aug 2022 07:08:09 GMT
GET H/1.1	200 OK	style.css beyondhallyu.com/wp-content/themes/100vjet/ Frame F1E2	67 KB 67 KB	157ms 104ms	Stylesheet text/css	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/style.css Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash bce132fa6ca628dcf308f04a4b65030c57181aef956b95917b938b83f234412a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 20 Apr 2013 13:00:43 GMT Server Apache ETag "23a2a90-10afa-4daca6c61ff82" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type text/css Connection close Accept-Ranges bytes Content-Length 68346
GET H/1.1	200 OK	responsive.css beyondhallyu.com/wp-content/themes/100vjet/css/ Frame F1E2	14 KB 14 KB	156ms 100ms	Stylesheet text/css	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/css/responsive.css Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 49f463bffc871bc6e8a25d7a967c3fbc5b382aaa7b272dd37e0997eaaa6662d4 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 20 Apr 2013 13:00:44 GMT Server Apache ETag "11c695d-3747-4daca6c729161" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type text/css Connection close Accept-Ranges bytes Content-Length 14151
GET H/1.1	200 OK	ts-fab.min.css beyondhallyu.com/wp-content/plugins/fancier-author-box/css/ Frame F1E2	4 KB 4 KB	157ms 101ms	Stylesheet text/css	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/plugins/fancier-author-box/css/ts-fab.min.css?ver=1.4 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 994caad041756eb46d498767b20ce6b30f62cc9ad641e14af0f4d370b061c218 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 13 Jun 2015 21:49:54 GMT Server Apache ETag "12653c7d-e60-5186d347aa419" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type text/css Connection close Accept-Ranges bytes Content-Length 3680
GET H/1.1	200 OK	css fonts.googleapis.com/ Frame F1E2	1 KB 977 B	20ms 17ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL http://fonts.googleapis.com/css?family=Acme%7CWaiting+for+the+Sunrise%7CAngkor%7Carial%7Carial%7Carial%7Carial%7Carial%7Carial%7Carial%7Carial%7Carial%7Carial%7Carial%7Carial%7Carial%7Carial&ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7cc628047c8f19e9e85c72f512f2016c3d86df37b0ec1a88d2074f792d5d29e0 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 01 Sep 2021 18:35:36 GMT Server ESF X-Frame-Options SAMEORIGIN Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * Cache-Control private, max-age=86400, stale-while-revalidate=604800 Transfer-Encoding chunked Cross-Origin-Resource-Policy cross-origin Timing-Allow-Origin * Link <http://fonts.gstatic.com>; rel=preconnect; crossorigin X-XSS-Protection 0 Expires Wed, 01 Sep 2021 18:35:36 GMT
GET H/1.1	200 OK	custom.php beyondhallyu.com/wp-content/themes/100vjet/css/ Frame F1E2	4 KB 5 KB	845ms 783ms	Stylesheet text/css	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/css/custom.php?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 392402bc809ec194951ad6069e7e6cbddeba1524ac8430108c1a077f3459c733 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Server Apache Connection close Transfer-Encoding chunked X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type text/css; charset: UTF-8;charset=UTF-8
GET H/1.1	200 OK	jetpack.css beyondhallyu.com/wp-content/plugins/jetpack/css/ Frame F1E2	51 KB 51 KB	159ms 97ms	Stylesheet text/css	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/plugins/jetpack/css/jetpack.css?ver=3.3.5 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 705bd128e820db45ff069d720bfadf9102a8ae2d1666664aa17afc2d6830a522 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/css,*/*;q=0.1 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Thu, 03 Jun 2021 18:07:35 GMT Server Apache ETag "23903062-cc22-5c3e07320b76d" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type text/css Connection close Accept-Ranges bytes Content-Length 52258
GET H/1.1	200 OK	jquery.js Show response beyondhallyu.com/wp-includes/js/jquery/ Frame F1E2	94 KB 94 KB	212ms 58ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-includes/js/jquery/jquery.js?ver=1.11.2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 9b1b195900c079b2a8859cb8ded918d2e179c49fbb2a3aab3491e68d33fbaa54 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT X-Pad avoid browser bug X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sun, 31 May 2015 08:13:23 GMT Server Apache ETag "3328fd3-176d0-5175c487a34f4" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 95952
GET H/1.1	200 OK	jquery-migrate.min.js Show response beyondhallyu.com/wp-includes/js/jquery/ Frame F1E2	7 KB 7 KB	276ms 63ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 16 Nov 2013 13:53:53 GMT Server Apache ETag "469f233-1c20-4eb4ba52bf154" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 7200
GET H/1.1	200 OK	ts-fab.min.js Show response beyondhallyu.com/wp-content/plugins/fancier-author-box/js/ Frame F1E2	498 B 866 B	332ms 73ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/plugins/fancier-author-box/js/ts-fab.min.js?ver=1.4 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash b584c8ad02d51cabe638f45eaa1b67e8a9008d6f0b0302c679fc9de904e44ebd Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 13 Jun 2015 21:49:54 GMT Server Apache ETag "12653c47-1f2-5186d34774bd8" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 498
GET H/1.1	200 OK	ytprefs.min.js Show response beyondhallyu.com/wp-content/plugins/youtube-embed-plus/scripts/ Frame F1E2	2 KB 3 KB	403ms 85ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/plugins/youtube-embed-plus/scripts/ytprefs.min.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 83b0ad3c7d06cf0a7466fa9cfb4bb1e644cfca09d2e7e347690b495dff41bb5e Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:36 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Fri, 26 Dec 2014 17:05:57 GMT Server Apache ETag "e33de19-8e5-50b2189d62d49" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 2277
GET H/1.1	200 OK	site-version-pride.png beyondhallyu.com/wp-content/uploads/2015/06/ Frame F1E2	8 KB 8 KB	113ms 59ms	Image image/png	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/uploads/2015/06/site-version-pride.png Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash ae1a39883acdd4bcaa4c0b9e562d0d071ca202ff49d97555d3ae2ad7a59c64a4 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 27 Jun 2015 21:04:49 GMT Server Apache ETag "148b9575-1ec2-519863505c770" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/png Connection close Accept-Ranges bytes Content-Length 7874
GET H/1.1	200 OK	show_ads.js Show response pagead2.googlesyndication.com/pagead/ Frame F1E2	98 KB 35 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/show_ads.js Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b27850e9bf45770196e2d2648f2781021792cdea5d05407566abb222972da5bf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Timing-Allow-Origin * Date Wed, 01 Sep 2021 18:35:36 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 1484597464187390499 Vary Accept-Encoding P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 35443 X-XSS-Protection 0 Expires Wed, 01 Sep 2021 18:35:36 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 2 KB	378ms 317ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2013/04/infinite2.jpg&w=50&h=50&zc=0 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 016349370b7f4c6aa39b8392e3b9ab7bcd5eb77588b498cd78f24976ce4a7514 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:37 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 1637 Expires Sat, 11 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 2 KB	371ms 313ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2013/06/marry-a-korean.jpg&w=50&h=50&zc=0 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 8735e81c250c3941811564c4859f02bafc0b4a068347dec736f32bea0c08bc8a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:37 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 1831 Expires Sat, 11 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 2 KB	309ms 252ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2016/03/12821464_1022594264474073_8415305118945427516_n-600x222.jpg&w=50&h=50&zc=0 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash faf738a51ddbb940e803c91ebefd9e35db8991df42e7db66dbdedb8498c2d58f Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:37 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 1974 Expires Sat, 11 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 2 KB	302ms 244ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2014/03/cl-mtbd.jpg&w=50&h=50&zc=0 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 4789fba8190907b0878b217e46ee3e9c129c6859b8653304efa8cb24e496e571 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:37 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 2033 Expires Sat, 11 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 3 KB	310ms 253ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2013/05/imagesCATJFULQ.jpg&w=50&h=50&zc=0 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 136ac1d55d4c72d4c6146c940fabf9b9fc38bd236a16ceab492a866c1f606095 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:37 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 2289 Expires Sat, 11 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 3 KB	279ms 217ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2015/06/kcqf.jpg&w=50&h=50&zc=0 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 4f880999631ae1585422e9d5c0c9ef3959701374c7447e61e2455ca4dea19711 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:37 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 2242 Expires Sat, 11 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 2 KB	189ms 131ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2017/10/romeo-kid-600x302.jpg&w=50&h=50&zc=1 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 5c644c8d86176407f54c6c99882c586aa7a9071ad88b655428b46eb2b78f55e3 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337; __gads=ID=c11f03f9c064c89f-22411f716bca009a:T=1630521337:RT=1630521337:S=ALNI_MbSmn4XwolIrdLEYTp_IjAyFnXzAQ Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:38 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:38 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 2037 Expires Sat, 11 Sep 2021 18:35:38 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 2 KB	226ms 167ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2017/09/zandari-bh-600x278.jpg&w=50&h=50&zc=1 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 1eb65f481b5e94fb924ee116d51254858e8dcaba8a9ace3fb81ce2e5009b5fa2 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337; __gads=ID=c11f03f9c064c89f-22411f716bca009a:T=1630521337:RT=1630521337:S=ALNI_MbSmn4XwolIrdLEYTp_IjAyFnXzAQ Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:38 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:38 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 2127 Expires Sat, 11 Sep 2021 18:35:38 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 3 KB	230ms 173ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2017/09/red-velvet-600x255.jpg&w=50&h=50&zc=1 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash cafc971a2f703442107535caf62260fa18e821ebab19ca6c282183334c7fd82b Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337; __gads=ID=c11f03f9c064c89f-22411f716bca009a:T=1630521337:RT=1630521337:S=ALNI_MbSmn4XwolIrdLEYTp_IjAyFnXzAQ Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:38 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:38 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 2238 Expires Sat, 11 Sep 2021 18:35:38 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 2 KB	188ms 131ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2017/06/ef86a6a6bd8fa71940c959d5bca793f530e12170_hq-600x372.jpg&w=50&h=50&zc=1 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 7c7c9fadab170490fbf9d1d3dad923098baea2a144f84aa9833c72fb3587aa54 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337; __gads=ID=c11f03f9c064c89f-22411f716bca009a:T=1630521337:RT=1630521337:S=ALNI_MbSmn4XwolIrdLEYTp_IjAyFnXzAQ Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:38 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:38 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 1832 Expires Sat, 11 Sep 2021 18:35:38 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 3 KB	1233ms 161ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2017/06/1491278688_4-600x364.jpg&w=50&h=50&zc=1 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 51f1d4901fb4e7d4a4cb2a8f3a0a64d3e65a40b92a66b985db06191b95b73304 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337; __gads=ID=c11f03f9c064c89f-22411f716bca009a:T=1630521337:RT=1630521337:S=ALNI_MbSmn4XwolIrdLEYTp_IjAyFnXzAQ Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:39 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:39 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 2231 Expires Sat, 11 Sep 2021 18:35:39 GMT
GET H/1.1	200 OK	timthumb.php beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/ Frame F1E2	2 KB 3 KB	1260ms 173ms	Image image/jpeg	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Show image Full URL http://beyondhallyu.com/wp-content/themes/100vjet/inc/scripts/timthumb.php?src=http://beyondhallyu.com/wp-content/uploads/2017/05/bts-bbmas-600x399.jpg&w=50&h=50&zc=1 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 6821b7d6bffe9afa5aab423a50db724c0b3d1bad8ec4ad6d5a36c5d104f18905 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337; __gads=ID=c11f03f9c064c89f-22411f716bca009a:T=1630521337:RT=1630521337:S=ALNI_MbSmn4XwolIrdLEYTp_IjAyFnXzAQ Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:39 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Wed, 01 Sep 2021 18:35:39 GMT Server Apache X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type image/jpeg Cache-Control max-age=864000, must-revalidate Connection close Accept-Ranges none Content-Length 2343 Expires Sat, 11 Sep 2021 18:35:39 GMT
GET H/1.1	200 OK	fa53639fb65671789dae3975dc2037ed 0.gravatar.com/avatar/ Frame F1E2	1 KB 2 KB	13ms 5ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL http://0.gravatar.com/avatar/fa53639fb65671789dae3975dc2037ed?s=50&d=mm&r=g Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 707a3f9a6fc5e63cd997c2e751a08e36caf4441e65b351b86c5de65fd832f063 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers X-nc HIT hhn 2 Date Wed, 01 Sep 2021 18:35:37 GMT Last-Modified Wed, 11 Jan 1984 08:00:00 GMT Server nginx Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=300 Content-Disposition inline; filename="fa53639fb65671789dae3975dc2037ed.png" Connection keep-alive Accept-Ranges bytes Link <https://www.gravatar.com/avatar/fa53639fb65671789dae3975dc2037ed?s=50&d=mm&r=g>; rel="canonical" Content-Length 1128 Expires Wed, 01 Sep 2021 18:40:37 GMT
GET H/1.1	200 OK	01cc3a3a74a349581cd2a8a8e85f5465 0.gravatar.com/avatar/ Frame F1E2	1 KB 2 KB	14ms 5ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL http://0.gravatar.com/avatar/01cc3a3a74a349581cd2a8a8e85f5465?s=50&d=mm&r=g Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 707a3f9a6fc5e63cd997c2e751a08e36caf4441e65b351b86c5de65fd832f063 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers X-nc HIT hhn 1 Date Wed, 01 Sep 2021 18:35:37 GMT Last-Modified Wed, 11 Jan 1984 08:00:00 GMT Server nginx Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=300 Content-Disposition inline; filename="01cc3a3a74a349581cd2a8a8e85f5465.png" Connection keep-alive Accept-Ranges bytes Link <https://www.gravatar.com/avatar/01cc3a3a74a349581cd2a8a8e85f5465?s=50&d=mm&r=g>; rel="canonical" Content-Length 1128 Expires Wed, 01 Sep 2021 18:40:37 GMT
GET H/1.1	200 OK	e261d895225853ab3f081d49c62c4c67 2.gravatar.com/avatar/ Frame F1E2	1 KB 2 KB	13ms 5ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL http://2.gravatar.com/avatar/e261d895225853ab3f081d49c62c4c67?s=50&d=mm&r=g Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 707a3f9a6fc5e63cd997c2e751a08e36caf4441e65b351b86c5de65fd832f063 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers X-nc HIT hhn 2 Date Wed, 01 Sep 2021 18:35:37 GMT Last-Modified Wed, 11 Jan 1984 08:00:00 GMT Server nginx Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=300 Content-Disposition inline; filename="e261d895225853ab3f081d49c62c4c67.png" Connection keep-alive Accept-Ranges bytes Link <https://www.gravatar.com/avatar/e261d895225853ab3f081d49c62c4c67?s=50&d=mm&r=g>; rel="canonical" Content-Length 1128 Expires Wed, 01 Sep 2021 18:40:37 GMT
GET H/1.1	200 OK	65439aa7b9e63bcc20a0f58bd2e46e75 0.gravatar.com/avatar/ Frame F1E2	1 KB 2 KB	7ms 5ms	Image image/jpeg	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL http://0.gravatar.com/avatar/65439aa7b9e63bcc20a0f58bd2e46e75?s=50&d=mm&r=g Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash ec626d1355ef5d84689c88b2ec9e383fa16b0be9c068fe5fc913be061542edbc Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers X-nc HIT hhn 1 Date Wed, 01 Sep 2021 18:35:37 GMT Last-Modified Wed, 11 Jan 1984 08:00:00 GMT Server nginx Content-Type image/jpeg Access-Control-Allow-Origin * Cache-Control max-age=300 Content-Disposition inline; filename="65439aa7b9e63bcc20a0f58bd2e46e75.png" Connection keep-alive Accept-Ranges bytes Link <https://www.gravatar.com/avatar/65439aa7b9e63bcc20a0f58bd2e46e75?s=50&d=mm&r=g>; rel="canonical" Content-Length 1128 Expires Wed, 01 Sep 2021 18:40:37 GMT
GET H/1.1	200 OK	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/ Frame F1E2	138 KB 49 KB	26ms 25ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 70a38f2e7d81101cf8235af3190406a28616b0256efa0ddf1c89f5b064388ef5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Timing-Allow-Origin * Date Wed, 01 Sep 2021 18:35:37 GMT Content-Encoding gzip X-Content-Type-Options nosniff Server cafe ETag 14118485721371278087 Vary Accept-Encoding, Origin P3P policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control private, max-age=3600 Cross-Origin-Resource-Policy cross-origin Content-Disposition attachment; filename="f.txt" Content-Type text/javascript; charset=UTF-8 Content-Length 49569 X-XSS-Protection 0 Expires Wed, 01 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	fitvids.min.js Show response beyondhallyu.com/wp-content/plugins/youtube-embed-plus/scripts/ Frame F1E2	2 KB 2 KB	125ms 64ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/plugins/youtube-embed-plus/scripts/fitvids.min.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 50f8403c635a7dc867309e2147fd197fff95a3a1a57d0a9d4bdb762c5821c027 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Fri, 26 Dec 2014 17:05:57 GMT Server Apache ETag "e33de0c-836-50b2189d5e3cb" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 2102
GET H/1.1	200 OK	devicepx-jetpack.js Show response s0.wp.com/wp-content/js/ Frame F1E2	10 KB 4 KB	92ms 45ms	Script application/javascript	192.0.77.32 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL http://s0.wp.com/wp-content/js/devicepx-jetpack.js?ver=202135 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 192.0.77.32 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS wordpress.com Software nginx / Resource Hash f32d41f2099a0be20e6b57c5e0d1b71c079d3e1345827b0f5c5b97c6e5e3f78d Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers X-nc HIT hhn 1 Date Wed, 01 Sep 2021 18:35:37 GMT Content-Encoding gzip Server nginx Connection keep-alive Etag W/"5c066eb1-52b6" Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Transfer-Encoding chunked X-ac 2.hhn _dca Timing-Allow-Origin * Expires Mon, 29 Aug 2022 09:29:48 GMT
GET H/1.1	200 OK	gprofiles.js Show response s.gravatar.com/js/ Frame F1E2	23 KB 8 KB	11ms 5ms	Script application/javascript	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL http://s.gravatar.com/js/gprofiles.js?ver=2021Sepaa Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 3742b8f2006b7a23df3252c615bb113e94f77729ac9cc4b021e35517285cf0c2 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT Content-Encoding gzip Last-Modified Thu, 02 Apr 2020 15:50:36 GMT Server nginx ETag W/"5e8609cc-5dea" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=604800 Connection keep-alive Expires Wed, 08 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	wpgroho.js Show response beyondhallyu.com/wp-content/plugins/jetpack/modules/ Frame F1E2	959 B 1 KB	128ms 67ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/plugins/jetpack/modules/wpgroho.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash badb3bbd6640d015f0a43d4421b020123e45c993fcb50623da7cc21728b6dad3 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Thu, 03 Jun 2021 18:07:31 GMT Server Apache ETag "23902dae-3bf-5c3e072e72cd7" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 959
GET H/1.1	200 OK	jquery.flexslider.js Show response beyondhallyu.com/wp-content/themes/100vjet/js/ Frame F1E2	39 KB 40 KB	120ms 60ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/js/jquery.flexslider.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash ced3ff44a537929fce4a8c82a8840a0821ed35d0804675dab924ba32f636253a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 20 Apr 2013 13:00:50 GMT Server Apache ETag "11c69a6-9ced-4daca6ccbbbc0" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 40173
GET H/1.1	200 OK	jquery.superfish.js Show response beyondhallyu.com/wp-content/themes/100vjet/js/ Frame F1E2	4 KB 4 KB	110ms 57ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/js/jquery.superfish.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash c82b0c909dfef662549f665d0f37ed66d14a8d37bdcdbeb30c27abd24afc3657 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 20 Apr 2013 13:00:51 GMT Server Apache ETag "11c69af-e81-4daca6cd6e9e4" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 3713
GET H/1.1	200 OK	jquery.selectbox.min.js Show response beyondhallyu.com/wp-content/themes/100vjet/js/ Frame F1E2	9 KB 9 KB	115ms 57ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/js/jquery.selectbox.min.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 91d6157d0e51f7705acc396d5032e439d1dffaeeef652b91127f7690e35b4399 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 20 Apr 2013 13:00:51 GMT Server Apache ETag "11c69ae-2440-4daca6cd5b0a4" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 9280
GET H/1.1	200 OK	jquery.masonry.min.js Show response beyondhallyu.com/wp-content/themes/100vjet/js/ Frame F1E2	5 KB 6 KB	122ms 59ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/js/jquery.masonry.min.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 29da76d03b5dda810d85f59ee4fe4dd835375819e5d0776576276264f473d948 Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 20 Apr 2013 13:00:50 GMT Server Apache ETag "11c69aa-155b-4daca6ccf15ca" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 5467
GET H/1.1	200 OK	jquery.fancybox.js Show response beyondhallyu.com/wp-content/themes/100vjet/js/ Frame F1E2	33 KB 34 KB	123ms 61ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/js/jquery.fancybox.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 129b5f9f7c25ecb0a1cdc3ae69caf7133cc79f6454840a91fd79a55fc61b59ba Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 20 Apr 2013 13:00:50 GMT Server Apache ETag "11c69a4-84f1-4daca6ccbeec3" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 34033
GET H/1.1	200 OK	jquery.jcarousel.min.js Show response beyondhallyu.com/wp-content/themes/100vjet/js/ Frame F1E2	15 KB 16 KB	128ms 64ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/js/jquery.jcarousel.min.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 57188db6b78f3bc778063fdc1285fbca0a26e15f23db1e2e22dfa05cce03c06a Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 20 Apr 2013 13:00:50 GMT Server Apache ETag "11c69a8-3d22-4daca6ccdd3f5" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 15650
GET H/1.1	200 OK	script.js Show response beyondhallyu.com/wp-content/themes/100vjet/js/ Frame F1E2	9 KB 10 KB	118ms 61ms	Script application/javascript	185.119.173.134 UKWEB-EQX
General Check archive.org Show headers Download Go to Full URL http://beyondhallyu.com/wp-content/themes/100vjet/js/script.js?ver=4.2.30 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 185.119.173.134 Slough, United Kingdom, ASN198047 (UKWEB-EQX, DE), Reverse DNS Software Apache / Resource Hash 9b3c0bc5c67017fe2ef242045e5cf0176c690e6a4e1cd41529c14fdd3813722e Request headers Pragma no-cache Accept-Encoding gzip, deflate Host beyondhallyu.com Accept-Language en-US User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept */* Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Cookie DYNSRV=lin-10-170-0-15; __utma=229246991.964598173.1630521337.1630521337.1630521337.1; __utmc=229246991; __utmz=229246991.1630521337.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=229246991.2.10.1630521337 Connection keep-alive Cache-Control no-cache Referer http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT X-Cache-Lookup MISS from lin-10-170-0-15.gridhost.co.uk:3128 Last-Modified Sat, 20 Apr 2013 13:00:51 GMT Server Apache ETag "11c69b0-2593-4daca6cd8cabf" X-Cache MISS from lin-10-170-0-15.gridhost.co.uk Content-Type application/javascript Connection close Accept-Ranges bytes Content-Length 9619
GET H/1.1	200 OK	e-202135.js Show response stats.wp.com/ Frame F1E2	9 KB 3 KB	94ms 45ms	Script application/javascript	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL http://stats.wp.com/e-202135.js Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers X-nc HIT hhn Date Wed, 01 Sep 2021 18:35:37 GMT Content-Encoding gzip Server nginx Etag W/"5c6340e3-350a" Vary Accept-Encoding Access-Control-Allow-Methods GET, HEAD Content-Type application/javascript Access-Control-Allow-Origin * Cache-Control max-age=31536000 Transfer-Encoding chunked Connection keep-alive Expires Sun, 21 Aug 2022 23:08:08 GMT
GET H/1.1	200 OK	ga.js Show response www.google-analytics.com/ Frame F1E2	45 KB 17 KB	12ms 6ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL http://www.google-analytics.com/ga.js Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Strict-Transport-Security max-age=10886400; includeSubDomains; preload Content-Encoding gzip X-Content-Type-Options nosniff Last-Modified Wed, 11 Aug 2021 00:32:57 GMT Server Golfe2 Age 2625 Date Wed, 01 Sep 2021 17:51:52 GMT Vary Accept-Encoding Content-Type text/javascript Cache-Control public, max-age=7200 Cross-Origin-Resource-Policy cross-origin Content-Length 17168 Expires Wed, 01 Sep 2021 19:51:52 GMT
GET H2	200	iframe_api Show response www.youtube.com/ Frame F1E2 Redirect Chain http://www.youtube.com/iframe_api https://www.youtube.com/iframe_api	980 B 1 KB	22ms 21ms	Script text/javascript	2a00:1450:4001:803::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/iframe_api Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 40841a8dc7def7f4b4d244c9c2a6b8a12bdea81cc5b2aa3afa277011d52cb998 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding br x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info." cache-control private, max-age=0 permissions-policy ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=* cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000 content-type text/javascript; charset=utf-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 server ESF expires Wed, 01 Sep 2021 18:35:37 GMT Redirect headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:37 GMT X-Content-Type-Options nosniff Server ESF X-Frame-Options SAMEORIGIN Content-Type application/binary Location https://www.youtube.com/iframe_api Cache-Control no-cache, no-store, max-age=0, must-revalidate Content-Length 0 X-XSS-Protection 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/ Frame F1E2	250 KB 93 KB	33ms 33ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/show_ads.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 789f22b18f4888fd4abfde82c10d9436d2ba5f7aa1107b0203ba386c688493cd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 95226 x-xss-protection 0 server cafe etag 17201458395757084847 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Wed, 01 Sep 2021 18:35:37 GMT
GET H3-29	200	likebox.php Show response www.facebook.com/plugins/ Frame 1714 Redirect Chain http://www.facebook.com/plugins/likebox.php?href=http://facebook.com/beyondhallyu&width=285&%20%20%20%20colorscheme=light&show_faces=true&border_color&stream=false&header=false&%20%20%20%20height=258 https://www.facebook.com/plugins/likebox.php?href=http://facebook.com/beyondhallyu&width=285&%20%20%20%20colorscheme=light&show_faces=true&border_color&stream=false&header=false&%20%20%20%20height=258	15 KB 6 KB	117ms 117ms	Document text/html	2a03:2880:f11c:8083:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://www.facebook.com/plugins/likebox.php?href=http://facebook.com/beyondhallyu&width=285&%20%20%20%20colorscheme=light&show_faces=true&border_color&stream=false&header=false&%20%20%20%20height=258 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 980df641033aa18dfd1a0d98c8c2479ad6c0b71850b87fbab5b4c0efc1a87a27 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.facebook.com :scheme https :path /plugins/likebox.php?href=http://facebook.com/beyondhallyu&width=285&%20%20%20%20colorscheme=light&show_faces=true&border_color&stream=false&header=false&%20%20%20%20height=258 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://beyondhallyu.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers vary Accept-Encoding content-encoding br x-fb-rlafr 0 cross-origin-opener-policy unsafe-none pragma no-cache cache-control private, no-cache, no-store, must-revalidate expires Sat, 01 Jan 2000 00:00:00 GMT x-content-type-options nosniff x-xss-protection 0 content-security-policy-report-only default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbxbs.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info *.atdmt.com blob: android-webview-video-poster:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com *.atdmt.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?minimize=0; content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; strict-transport-security max-age=15552000; preload content-type text/html; charset="utf-8" x-fb-debug GN4vb2h8NtGfLP4A6KgMXrPfjElJSBMNUbapf9a2xOrD0mXr0XSxJPC88g+b+Q/KK5jFVRkqr7HHHOwDfwIO7Q== date Wed, 01 Sep 2021 18:35:37 GMT priority u=3,i alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 Redirect headers Location https://www.facebook.com/plugins/likebox.php?href=http://facebook.com/beyondhallyu&width=285&%20%20%20%20colorscheme=light&show_faces=true&border_color&stream=false&header=false&%20%20%20%20height=258 Non-Authoritative-Reason HSTS
GET H/1.1	200 OK	widgets.js Show response platform.twitter.com/ Frame F1E2	96 KB 29 KB	14ms 6ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL http://platform.twitter.com/widgets.js Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67C1) / Resource Hash 8db61f95a8f3554830efc6c3942b7322efef09b9d7f0cbfe32135e0fac106d18 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT Content-Encoding gzip Last-Modified Mon, 02 Aug 2021 20:34:57 GMT Server ECS (frb/67C1) Age 1351 Etag "d405b816322f9770c70cbd10cfa87be4+gzip" Vary Accept-Encoding x-tw-cdn VZ P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin * Cache-Control public, max-age=1800 X-Cache HIT Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Content-Length 28872
GET H/1.1	200 OK	count.js Show response beyondhallyu.disqus.com/ Frame F1E2 Redirect Chain http://beyondhallyu.disqus.com/count.js https://beyondhallyu.disqus.com/count.js	1 KB 1 KB	156ms 50ms	Script application/javascript	199.232.196.134 FASTLY
General Check archive.org Show headers Download Go to Full URL https://beyondhallyu.disqus.com/count.js Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 199.232.196.134 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 3487ef2baf0c08ba660a8a143cdeb8ebeec961eea04bccd7c49096b4eb26b875 Security Headers Name Value Strict-Transport-Security max-age=300; includeSubdomains X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT Content-Encoding gzip X-Content-Type-Options nosniff Age 138 Connection keep-alive Vary Accept-Encoding Content-Length 871 X-XSS-Protection 1; mode=block Last-Modified Mon, 30 Aug 2021 19:44:50 GMT Server nginx ETag "612d3532-367" Strict-Transport-Security max-age=300; includeSubdomains Content-Type application/javascript; charset=utf-8 Cache-Control public, max-age=300 X-Amz-Cf-Pop DFW55-C3 Link <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect X-Amz-Cf-Id ZiQ9bU3rZaQq42N10OeifXYiJtLvqmvXuJaRNfv_GQFmrJVh4b1hmA== Redirect headers Date Wed, 01 Sep 2021 18:35:37 GMT Server Varnish Strict-Transport-Security max-age=300; includeSubdomains Content-Type text/html Location https://beyondhallyu.disqus.com/count.js Cache-Control public, max-age=31536000 Connection close Link <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect Content-Length 219
GET H2	200	__utm.gif ssl.google-analytics.com/r/ Frame F1E2	35 B 197 B	15ms 14ms	Image image/gif	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=279490088&utmhn=beyondhallyu.com&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Beyond%20HallyuBeyond%20Hallyu&utmhid=2038953934&utmr=0&utmp=%2F404.html%3Fpage%3D%2Fgamest%2FHomeLogin%2Ffiles%2Fiframe.html%26from%3Dhttp%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&utmht=1630521337507&utmac=UA-39575666-1&utmcc=__utma%3D229246991.964598173.1630521337.1630521337.1630521337.1%3B%2B__utmz%3D229246991.1630521337.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2099185262&utmredir=1&utmu=qACAAAAAAAAAAAAAAAAAgAAE~ Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	__utm.gif ssl.google-analytics.com/ Frame F1E2	35 B 119 B	7ms 6ms	Image image/gif	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/__utm.gif?utmwv=5.7.2&utms=2&utmn=1170637392&utmhn=beyondhallyu.com&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Page%20Not%20Found%20-%20Beyond%20HallyuBeyond%20Hallyu&utmhid=2038953934&utmr=0&utmp=%2Fgamest%2FHomeLogin%2Ffiles%2Fiframe.html&utmht=1630521337512&utmac=UA-39575666-1&utmcc=__utma%3D229246991.964598173.1630521337.1630521337.1630521337.1%3B%2B__utmz%3D229246991.1630521337.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmu=qACAAAAAAAAAAAAAAAAAgAAE~ Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 10:35:35 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 28802 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/ Frame 5085	10 KB 5 KB	6ms 5ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20210830/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bf5230ffb8745d28c11ae8b743868364f9be8379300bd59d235f402a53ea96ee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/html/r20210830/r20190131/zrt_lookup.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://beyondhallyu.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkE373Op23Qgy3fZJdxY3QKmDciS7DkQbiffcPO-2gwc0qHVJnnhql1COSwE5E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Tue, 31 Aug 2021 23:25:20 GMT expires Tue, 14 Sep 2021 23:25:20 GMT content-type text/html; charset=UTF-8 etag 13836150016441684253 x-content-type-options nosniff content-encoding gzip server cafe content-length 4591 x-xss-protection 0 age 69017 cache-control public, max-age=1209600 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	www-widgetapi.js Show response www.youtube.com/s/player/c29c59cf/www-widgetapi.vflset/ Frame F1E2	126 KB 42 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:800::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.youtube.com/s/player/c29c59cf/www-widgetapi.vflset/www-widgetapi.js Requested by Host: www.youtube.com URL: http://www.youtube.com/iframe_api Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 2cb0e21586aab89dedae3cdcff8594ef93fc266f980908b986c25de72790655e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:21:32 GMT content-encoding br x-content-type-options nosniff last-modified Mon, 30 Aug 2021 00:16:12 GMT server sffe age 845 vary Accept-Encoding, Origin content-type text/javascript cache-control public, max-age=31536000 cross-origin-resource-policy cross-origin accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42890 x-xss-protection 0 expires Thu, 01 Sep 2022 18:21:32 GMT
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/ Frame F1E2	206 B 319 B	68ms 65ms	Script text/javascript	142.250.185.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=beyondhallyu.com&callback=_gfp_s_&client=ca-pub-4298256310626779 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s50-in-f2.1e100.net Software cafe / Resource Hash 5dc9dee460286316cb3d5e9e7e2391ba947662c2d1a7806550ae7bf4fc63fe71 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 195 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/ Frame F1E2	107 B 853 B	36ms 17ms	Script application/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=beyondhallyu.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/ Frame F1E2	107 B 165 B	16ms 16ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=beyondhallyu.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3FB6	22 KB 10 KB	208ms 206ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 68a30c9a193139dff8e8428919f558b8f954540efc9725199e02024704047e23 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://beyondhallyu.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkE373Op23Qgy3fZJdxY3QKmDciS7DkQbiffcPO-2gwc0qHVJnnhql1COSwE5E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 01 Sep 2021 18:35:37 GMT server cafe content-length 10403 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	osd.js Show response www.googletagservices.com/activeview/js/current/ Frame F1E2	72 KB 27 KB	17ms 16ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/osd.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322975956640" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 27566 x-xss-protection 0 expires Wed, 01 Sep 2021 18:35:37 GMT
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1B4F	26 KB 11 KB	161ms 160ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash fface45aa2ed928b6fb4f393c559b51e80aa67ac54254c2fd54c0254ef5f5596 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://beyondhallyu.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkE373Op23Qgy3fZJdxY3QKmDciS7DkQbiffcPO-2gwc0qHVJnnhql1COSwE5E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 01 Sep 2021 18:35:37 GMT server cafe content-length 10983 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 3717	27 KB 11 KB	177ms 177ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 94397076a0fc3a7301b5a1a288dce27b74aa623465cb6ba14f79950dd90cc761 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://beyondhallyu.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkE373Op23Qgy3fZJdxY3QKmDciS7DkQbiffcPO-2gwc0qHVJnnhql1COSwE5E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 01 Sep 2021 18:35:37 GMT server cafe content-length 11382 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H/1.1	200 OK	g.gif pixel.wp.com/ Frame F1E2	50 B 215 B	98ms 45ms	Image image/gif	192.0.76.3 AUTOMATTIC
General Check archive.org Show headers Download Go to Show image Full URL http://pixel.wp.com/g.gif?v=ext&j=1%3A3.3.5&blog=42295813&post=0&tz=1&host=beyondhallyu.com&ref=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&fcp=0&rand=0.4887376718182743 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Server 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT Cache-Control no-cache Server nginx Connection keep-alive Content-Length 50 Content-Type image/gif
GET H/1.1	200 OK	hovercard.min.css s.gravatar.com/dist/css/ Frame F1E2	8 KB 2 KB	6ms 5ms	Stylesheet text/css	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL http://s.gravatar.com/dist/css/hovercard.min.css?ver=2021Sepaa Requested by Host: s.gravatar.com URL: http://s.gravatar.com/js/gprofiles.js?ver=2021Sepaa Protocol HTTP/1.1 Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash 1a0b51af7ff79f11c0a779bf478304fa451ac5587675952b8378b47f0a97504d Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT Content-Encoding gzip Last-Modified Wed, 11 Nov 2020 15:57:10 GMT Server nginx ETag W/"5fac09d6-1e86" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=604800 Connection keep-alive Expires Wed, 08 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	services.min.css s.gravatar.com/dist/css/ Frame F1E2	3 KB 847 B	11ms 5ms	Stylesheet text/css	2a04:fa87:fffe::c000:4902 AUTOMATTIC
General Check archive.org Show headers Download Go to Full URL http://s.gravatar.com/dist/css/services.min.css?ver=2021Sepaa Requested by Host: s.gravatar.com URL: http://s.gravatar.com/js/gprofiles.js?ver=2021Sepaa Protocol HTTP/1.1 Server 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US), Reverse DNS Software nginx / Resource Hash e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:37 GMT Content-Encoding gzip Last-Modified Thu, 22 Mar 2018 09:46:04 GMT Server nginx ETag W/"5ab37b5c-a54" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=604800 Connection keep-alive Expires Wed, 08 Sep 2021 18:35:37 GMT
GET H/1.1	200 OK	widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html Show response platform.twitter.com/widgets/ Frame 77B7	319 KB 103 KB	28ms 7ms	Document text/html	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fbeyondhallyu.com Requested by Host: platform.twitter.com URL: http://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6752) / Resource Hash c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e Request headers Host platform.twitter.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer http://beyondhallyu.com/ Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers Content-Encoding gzip Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 4348 Cache-Control public, max-age=315360000 Content-Type text/html; charset=utf-8 Date Wed, 01 Sep 2021 18:35:37 GMT Etag "8321d7cf58d70200c1423dfa0bca40f6+gzip" Last-Modified Mon, 02 Aug 2021 20:33:53 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (frb/6752) Vary Accept-Encoding X-Cache HIT x-tw-cdn VZ Content-Length 105433
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame EE9D	22 KB 10 KB	129ms 128ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9f0910f322870db2ede129ff58cebf249fea1315dc0330485c182fb2bb2e14d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://beyondhallyu.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkE373Op23Qgy3fZJdxY3QKmDciS7DkQbiffcPO-2gwc0qHVJnnhql1COSwE5E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 01 Sep 2021 18:35:37 GMT server cafe content-length 10705 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	TDhHhJu_pRB.css static.xx.fbcdn.net/rsrc.php/v3/yR/l/1,cross/ Frame 1714	25 KB 6 KB	21ms 7ms	Stylesheet text/css	2a03:2880:f01c:8012:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://static.xx.fbcdn.net/rsrc.php/v3/yR/l/1,cross/TDhHhJu_pRB.css?_nc_x=Ij3Wp8lg5Kz Requested by Host: www.facebook.com URL: https://www.facebook.com/plugins/likebox.php?href=http://facebook.com/beyondhallyu&width=285&%20%20%20%20colorscheme=light&show_faces=true&border_color&stream=false&header=false&%20%20%20%20height=258 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 895214355627003020e65aea3eaf194e0b7c0a78f7c2f061a323ecdcb85f7e93 Security Headers Name Value X-Content-Type-Options nosniff Request headers Origin https://www.facebook.com Referer https://www.facebook.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding br x-content-type-options nosniff content-md5 kGcSW6KFGR9lEYKPESOkyg== content-security-policy-report-only default-src data: blob: 'self';script-src *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline';connect-src *.fbcdn.net attachment.fbsbx.com blob: 'self';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0; cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 5685 x-fb-rlafr 0 x-fb-debug LOJcsiNgrUNBQWOHktKlXbis9IhRjNFfBvpRQc6SyRbLOX5RyTIC82yL+AkqimEeT/+KG799CI4SMVLOPP92zg== x-fb-trip-id 686109401 last-modified Mon, 01 Jan 2001 08:00:00 GMT vary Origin content-type text/css; charset=utf-8 access-control-allow-origin https://www.facebook.com cache-control public,max-age=31536000,immutable timing-allow-origin * expires Thu, 01 Sep 2022 18:14:07 GMT
GET H3-29	200	integrator.js Show response adservice.google.de/adsid/ Frame F1E2	107 B 122 B	30ms 17ms	Script application/javascript	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=beyondhallyu.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	integrator.js Show response adservice.google.com/adsid/ Frame F1E2	107 B 122 B	23ms 23ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=beyondhallyu.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3-29	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 62B8	26 KB 11 KB	141ms 140ms	Document text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f0403ddf810d778992fe648557d2fa28c437a5e7dd28bc3bb2bf0f568f22a340 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority googleads.g.doubleclick.net :scheme https :path /pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://beyondhallyu.com/ accept-encoding gzip, deflate, br accept-language en-US cookie IDE=AHWqTUkE373Op23Qgy3fZJdxY3QKmDciS7DkQbiffcPO-2gwc0qHVJnnhql1COSwE5E Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" timing-allow-origin * cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 x-content-type-options nosniff content-encoding br date Wed, 01 Sep 2021 18:35:37 GMT server cafe content-length 10953 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	settings Show response syndication.twitter.com/ Frame 77B7	232 B 432 B	247ms 152ms	Fetch application/json	104.244.42.72 TWITTER
General Check archive.org Show headers Download Go to Full URL https://syndication.twitter.com/settings?session_id=f61ea1d6ee2376088db1aadf033e268369c430bd Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets/widget_iframe.f88235f49a156f8b4cab34c7bc1a0acc.html?origin=http%3A%2F%2Fbeyondhallyu.com Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 104.244.42.72 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_o / Resource Hash 726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers Referer https://platform.twitter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip last-modified Wed, 01 Sep 2021 18:35:37 GMT server tsa_o vary Origin strict-transport-security max-age=631138519 content-type application/json; charset=utf-8 access-control-allow-origin https://platform.twitter.com cache-control must-revalidate, max-age=600 access-control-allow-credentials true x-connection-hash 7e07bf3929849172efbcfc887d8bad8b7fd90382cff72840003f87b6d7d2285f content-length 166
GET H2	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 3FB6	2 KB 1 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:28:33 GMT content-encoding gzip x-content-type-options nosniff age 424 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:28:33 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3FB6	122 KB 37 KB	34ms 32ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322985459792" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Wed, 01 Sep 2021 18:35:37 GMT
GET H2	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame 3FB6	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:32:51 GMT content-encoding gzip x-content-type-options nosniff age 166 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:32:51 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame 3FB6	0 0	15ms 15ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGY85xX-OXZHtVjqwP_wJ_wglZDxG-LpdJkQmNFhkHxb_yn11YZcJjxCqkpIhzRHDb6w0Qp5jVMAfm223_8FGdJ6ppgA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame 3FB6	0 0	18ms 17ms	Fetch text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cb0CC-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTDAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebTzIZ_eh-C_sVtD7N3cP0WowwYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDI5ODI1NjMxMDYyNjc3ORgA&sigh=EAI5bUBLM6E Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Wed, 01 Sep 2021 18:35:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame 3FB6	0 0	37ms 16ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1jyxmxafj537y18paxc51xkypnnpng4j5h9rr2ey89qhh3y7hsbygpr84kjsbafwcw4zhhqtdsg3yaryckg64ra51p7vjqgsvpwga5cwfntfw2gzjhzhzx7prem2t4e940tcn6s1t4mbgkxwhhw22fgrr0p83zcmb8ts1q3rfjb453naf6f29w5y1z5xng0b0g9cw2yqgp22dp6ag5xg49ezvpa3e1v9389stv3m73skyxh7rtm4bpf08nwpd0mprvjbd5abfgjmzv0gv2dn97m8h803kgsz3kj7sy0mtqt7zs19ncckmv0vg24wmx5exmy2tayfte9vt13aphzta381qan7vsvab7jmdme09saxas3wy22kw31cf1xex6j00ev40n16hw&b=YS_H-QAJ7kQK3s8PAAux3o3rZVTaY4fWG19ghQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers access-control-allow-origin * date Wed, 01 Sep 2021 18:35:37 GMT via 1.1 google alt-svc clear content-type image/gif
GET H2	200	dr Show response as.ad4m.at/ad/ Frame EB49	2 KB 1 KB	55ms 27ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1gd4zzcnj8gpqv0xb6wg2ff336skp8gcws3bh0mcvtgq0qta2ppcyb71g7dpgve6vas8xxcnyr103krnf8kcpfdy7dz4wz3yxxegjt5k9bgeqvydratk6wkt0maa2mqjk2krve348qh5j2rxhdjyjhy868nzdy4yxcvavtmwcp1en3avtmm97wr29c8xgzp5dpy0t1f3mx3nj4c0wzrm8k4ezyynnrkcthy3xamtndshf4jrp8b7dqrrsx6evthde15gwny8x3r7sxhxpzwg3x752exvz25a4a8v9b7p72d7q5a48b0z0femym5779v3y8xgbqz5t28c4371x5pyh9c19vd9b20ea88e9nwgt6sdxzbywq2amjh3mpq9x77jyz254d0067aak9a2n4w75gr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%26client%3Dca-pub-4298256310626779%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9d46ab03efaca2dfa07619b3c9e83b4e94dc78ae4f2522b6a4ca2c4efba48c25 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/dr?ed=1gd4zzcnj8gpqv0xb6wg2ff336skp8gcws3bh0mcvtgq0qta2ppcyb71g7dpgve6vas8xxcnyr103krnf8kcpfdy7dz4wz3yxxegjt5k9bgeqvydratk6wkt0maa2mqjk2krve348qh5j2rxhdjyjhy868nzdy4yxcvavtmwcp1en3avtmm97wr29c8xgzp5dpy0t1f3mx3nj4c0wzrm8k4ezyynnrkcthy3xamtndshf4jrp8b7dqrrsx6evthde15gwny8x3r7sxhxpzwg3x752exvz25a4a8v9b7p72d7q5a48b0z0femym5779v3y8xgbqz5t28c4371x5pyh9c19vd9b20ea88e9nwgt6sdxzbywq2amjh3mpq9x77jyz254d0067aak9a2n4w75gr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%26client%3Dca-pub-4298256310626779%26adurl%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 68809979b8d94eeb-FRA content-encoding br
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 0794	1 KB 749 B	16ms 15ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 01 Sep 2021 13:41:14 GMT expires Thu, 02 Sep 2021 13:41:14 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 17663 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame F0C6	0 0	23ms 21ms	Fetch text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CVotv-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTEAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovfhJyhXW1PKjjVTxeVHb5WSMqKABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00Mjk4MjU2MzEwNjI2Nzc5GAA&sigh=4j3Hzl0Ze0A Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Wed, 01 Sep 2021 18:35:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame F0C6	0 0	20ms 17ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1j8wkpb5f4t602500aw60bfe7y1rzccemfe9e0pg3nh30xrjph40wpw5bjvhr5drkddf78hw47w7qpn4dwfzr79m14qap8ytdq01m1n44dxen1gfx6wgydddzrh29ytyc279m9t693z9g4j5gd6zg89attc5sqvv89y0kp86ngnswztpwdjf204xh00ggn08t3n9ja6bevvd3shz9nt4cbtj5zg0nyfm9cte5qw4ytmm24sgkdcapttddhnqkz5qk935ncctj6v0hrn9ahcqywnt21hrwe1qx57yd87yf6a1vqs7matfga104ra24hyg49t9e2f5vt1gp3wdzapp5ha3j8wfcwfkp6zaje4z9b287s1p1f1pj9v94tf7nw9tjvw4aqrf1w&b=YS_H-QAKjXkK3t5kAAxOffntOHSJlBhOYfJ-iw Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers access-control-allow-origin * date Wed, 01 Sep 2021 18:35:37 GMT via 1.1 google alt-svc clear content-type image/gif
GET H2	200	dr Show response as.ad4m.at/ad/ Frame E530	2 KB 2 KB	36ms 25ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1j0tesh5eq5yhskad29ser4znk22230k99kpjtzjcegry68cbp1s0wxpme38x3gf206k6dwznj5hg3n5qtp41krz8v4j1992h63jmvfh949gsjvf4z4znyc68eacsder97k8berja7939d2pcdxwna07zhah0dhxef3xk0xps7dp2w3apx6w3qd7n8q66gmsgmw80728z4ktq33q83h2bm3t9b2fztbkwwpcqt95e1qqbwzpakrs848gjzqkh11z613858tbv7qhhevcc18ddrvqnt2tbzz3yxwqhgge9qmf67xh2bqr099t4xay6dxm9jecah358e9h0ss7n7kgpeejw7pnxpnv29vpbngasmmrg34vypzggyft15h6zkb8aya1s8a0yh89fw6kkqk9657p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%26client%3Dca-pub-4298256310626779%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2d8e74a84d80ad6e0fb1c60a7db6e33c54a5ca97ca0d5b531a9710c6ec49613d Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/dr?ed=1j0tesh5eq5yhskad29ser4znk22230k99kpjtzjcegry68cbp1s0wxpme38x3gf206k6dwznj5hg3n5qtp41krz8v4j1992h63jmvfh949gsjvf4z4znyc68eacsder97k8berja7939d2pcdxwna07zhah0dhxef3xk0xps7dp2w3apx6w3qd7n8q66gmsgmw80728z4ktq33q83h2bm3t9b2fztbkwwpcqt95e1qqbwzpakrs848gjzqkh11z613858tbv7qhhevcc18ddrvqnt2tbzz3yxwqhgge9qmf67xh2bqr099t4xay6dxm9jecah358e9h0ss7n7kgpeejw7pnxpnv29vpbngasmmrg34vypzggyft15h6zkb8aya1s8a0yh89fw6kkqk9657p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%26client%3Dca-pub-4298256310626779%26adurl%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 68809979b8dc4eeb-FRA content-encoding br
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame F0C6	2 KB 1 KB	21ms 9ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:17:39 GMT content-encoding gzip x-content-type-options nosniff age 1078 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:17:39 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame E4FE	1 KB 749 B	7ms 6ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 01 Sep 2021 13:41:14 GMT expires Thu, 02 Sep 2021 13:41:14 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 17663 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F0C6	122 KB 37 KB	27ms 26ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322985459792" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Wed, 01 Sep 2021 18:35:37 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame F0C6	14 KB 6 KB	18ms 9ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:23:09 GMT content-encoding gzip x-content-type-options nosniff age 748 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:23:09 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame F0C6	0 0	17ms 17ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQUjykXPLo5QNK_Eg1Lahx-c4ve5d_80L6rlIC3EWQFgZ_mUgH5_tFPV-gxZ0HXYmYE07hcvk6cxIHnKyKi_IymGEr0TQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame EE9D	2 KB 1 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:17:39 GMT content-encoding gzip x-content-type-options nosniff age 1078 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:17:39 GMT
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame EE9D	122 KB 37 KB	29ms 28ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322985459792" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Wed, 01 Sep 2021 18:35:37 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame EE9D	14 KB 6 KB	7ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:23:09 GMT content-encoding gzip x-content-type-options nosniff age 748 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:23:09 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame EE9D	0 0	17ms 16ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnGZ2T6rOPq5wYuO38K9jzq2SjV82boUmLoE9SsxqA4ENNklXYA9s1DN-jVgSL90ltvf0Bo8esLq5FisZTAjF7GHnIQw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame EE9D	0 0	19ms 18ms	Fetch text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CyDAF-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExAFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGi8nvwupHI2J5jllORgaS29LMWgAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00Mjk4MjU2MzEwNjI2Nzc5GAA&sigh=leW1xJT5S6A Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Wed, 01 Sep 2021 18:35:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame EE9D	0 0	16ms 15ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1ge5fafzy2m92evfkqaw08p7d5wm1h31wv71ytkd9kfgz2970gasffnrtznzsw75vykahjv72ez8mt085d8dnxxs9t0aczma7yeh951ytrdqcs6rej2q6ra14yqhk05shkgd0evm4brf5acjhtz8a1d2axfk183835chqeqqaw03spwqmcv5rba1b8nhk7bmr2pay036dq043p51fe5td1mratgx8x19mc5derw2md58kpyd1jd85s0y5hhbze64bwrb7h7dprqjz5b8k6kht1zx6q98127adj6x64rmrxcc0typfxade21jytat6zy90m160gz99ey5fm71pgxk9myybf3fa0angfrgbnh66tjzym0v8wghdeygg6tkbb0ft8twadsmjc&b=YS_H-QALStEI9kGXAAGMTFLlhfyqkMiC1Oksxw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers access-control-allow-origin * date Wed, 01 Sep 2021 18:35:37 GMT via 1.1 google alt-svc clear content-type image/gif
GET H3-29	200	dr Show response as.ad4m.at/ad/ Frame AC03	2 KB 2 KB	41ms 26ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1jqb3fa5159e5ec8gassgm9r0cafk5p1kpxcpg70mnbxbmp0qw6y03gqe93s87e70ygbpm1k0qvfq3qytsv5ckj501bkge668kqp9tmhn32n2esghjcymretcdsk4xj7qwtyeq8xs7m15j7rgfcnwyq5963ahwme9tqpt333sdvdvfgaj23k7d8taneyy6g7b45v6nxkt7vbzsfc2na22tvbt8fadpjzk6dv3trt9pzaktq5ws9npptjmkbrxrycmsz2as80f4vxcwbywvg01wq4yxbc7nweecg5ypm90mzh9w0p5hmjfctfreesyexrfbgh2cgmc0shqrhssq5xfjrf6jkkj2cz08z7nk6v32nkt00stbxzxvvzk7db39swef3pdrky9saq2cae6egrcszr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%26client%3Dca-pub-4298256310626779%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fc87803da8e07c39cc5f38fc5549aae063aedab2423dd338b7a2e0f43b20f348 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/dr?ed=1jqb3fa5159e5ec8gassgm9r0cafk5p1kpxcpg70mnbxbmp0qw6y03gqe93s87e70ygbpm1k0qvfq3qytsv5ckj501bkge668kqp9tmhn32n2esghjcymretcdsk4xj7qwtyeq8xs7m15j7rgfcnwyq5963ahwme9tqpt333sdvdvfgaj23k7d8taneyy6g7b45v6nxkt7vbzsfc2na22tvbt8fadpjzk6dv3trt9pzaktq5ws9npptjmkbrxrycmsz2as80f4vxcwbywvg01wq4yxbc7nweecg5ypm90mzh9w0p5hmjfctfreesyexrfbgh2cgmc0shqrhssq5xfjrf6jkkj2cz08z7nk6v32nkt00stbxzxvvzk7db39swef3pdrky9saq2cae6egrcszr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%26client%3Dca-pub-4298256310626779%26adurl%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6880997a1f384e9e-FRA content-encoding br
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 5F56	1 KB 749 B	10ms 9ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 01 Sep 2021 13:41:14 GMT expires Thu, 02 Sep 2021 13:41:14 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 17663 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame E2E5	0 0	24ms 17ms	Fetch text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CHrt4-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTEAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_XbnLf0ENKn9y4s0MI9XoAaSieABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00Mjk4MjU2MzEwNjI2Nzc5GAA&sigh=U5MbYfiTb4E Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Wed, 01 Sep 2021 18:35:37 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame E2E5	0 0	23ms 15ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1g9ahrv7b02zrjd7zzthy3w0hfgwt1zy4v8qsbakaarz1qfcp37bam72h11da2watxdqk17aetsk5796fhj6743e0380yvtn4m1pkq5k5hmydvqe3t2pg57mc7jhq793x7sw8p06qyxys12f6tjt7mwhdqfkayqwn76gcb1rp7kxg16nbbn499twje1qn2mcagpg847s9eb2t8bp3ev783n1tq12npjjc5cb65h1kyqdf5ber4f2zj1fd66ggw0w2cgtkqf5p6bk329skqztq21drv4yveyp5z4szr2yrtqtr4thenmdcxdgw25sqzgfawpbab5jhwq91jsrfprs8z3jeatm5r1ks8fh8cfbm63apeej8v5j9gpk2hnenjpwqzrqw6h734&b=YS_H-QAKqz4K0wUiAAh86G-SCAN9FnH4KN6xvQ Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers access-control-allow-origin * date Wed, 01 Sep 2021 18:35:37 GMT via 1.1 google alt-svc clear content-type image/gif
GET H3-29	200	dr Show response as.ad4m.at/ad/ Frame 2046	2 KB 2 KB	23ms 19ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1hcx3m45w97jv36td4jak0myaqwepy1bb4bd00gsfpb26k90h5mzxdbeb9zzz00eqtawjdrc1qzd13ry00edkttzmy3nfq1554y038p2ps7t881krhrmv0j69agakdwctpbw6999se8xtvfe2zr6gz5e5f1dyt14hcygmkcpysdbmg3rjthssvjdmedag146hht6145dwwj96kqjyqr6rjx3avwacr19f1e0y0m7kar6hmp7x95pnxs2bp74gm6y265zay9kznj7ssbd9p4zf7kndeb6rqj3gf820qdmzd0wpdv4rymz3sgw6b0xk4xfks1283vvtf3fsw2c8w1dhz00bxw4esdgs1vcakxza131qs0y4erz88c8vk023mp95m98xjd4mh3ja423mabgznnt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%26client%3Dca-pub-4298256310626779%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed135a5877d6ae3e1aa891b84de66e1c227d21bb1ecd96b982349fe77b0aa610 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/dr?ed=1hcx3m45w97jv36td4jak0myaqwepy1bb4bd00gsfpb26k90h5mzxdbeb9zzz00eqtawjdrc1qzd13ry00edkttzmy3nfq1554y038p2ps7t881krhrmv0j69agakdwctpbw6999se8xtvfe2zr6gz5e5f1dyt14hcygmkcpysdbmg3rjthssvjdmedag146hht6145dwwj96kqjyqr6rjx3avwacr19f1e0y0m7kar6hmp7x95pnxs2bp74gm6y265zay9kznj7ssbd9p4zf7kndeb6rqj3gf820qdmzd0wpdv4rymz3sgw6b0xk4xfks1283vvtf3fsw2c8w1dhz00bxw4esdgs1vcakxza131qs0y4erz88c8vk023mp95m98xjd4mh3ja423mabgznnt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%26client%3Dca-pub-4298256310626779%26adurl%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6880997a1f3b4e9e-FRA content-encoding br
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame E2E5	2 KB 1 KB	12ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:17:39 GMT content-encoding gzip x-content-type-options nosniff age 1078 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:17:39 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame FAA9	1 KB 749 B	8ms 6ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 01 Sep 2021 13:41:14 GMT expires Thu, 02 Sep 2021 13:41:14 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 17663 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame E2E5	122 KB 37 KB	31ms 29ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:37 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322985459792" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Wed, 01 Sep 2021 18:35:37 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame E2E5	14 KB 6 KB	10ms 6ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:23:09 GMT content-encoding gzip x-content-type-options nosniff age 748 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:23:09 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame E2E5	0 0	18ms 14ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaT4dB0tecXQm-rr2buawQXzzcSaijEY0gfxyH0ZSuBAEqfTWR7DrUawSkKrqn0Em8V8LH3h-MFzxw_0MHIZ9Dhb174UVg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H2	200	dpixel cms.quantserve.com/ Frame 0794	35 B 463 B	495ms 63ms	Image image/gif	91.228.74.134 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP-TgJtKUY3vOEM0QV-U-mA&google_cver=1&google_push=AYg5qPJtMp5nAU4mCHuxIrTdorJ1zwndxM85VrFM48IAKtjbRE31JUv5BYorJn-MCU3Og8CUGXD0uaq8PpRKnJk4Y698VTpClnIL Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0794 Redirect Chain https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJ1KVhwGPnCe2wGHYJ7dWdJh0H2avVae6_D9Fn... https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMtSEBnQUFBRGtLS1M1RA&google_push=AYg5qPJ1KVhwGPnCe2wGHYJ7dWdJh0H2avVae6_D9FnGuUjWak15k7ak_9Dl_tZ_XUxnKED7ngd3K0QGb40Kden5QwT_4GAORAc	170 B 188 B	107ms 58ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMtSEBnQUFBRGtLS1M1RA&google_push=AYg5qPJ1KVhwGPnCe2wGHYJ7dWdJh0H2avVae6_D9FnGuUjWak15k7ak_9Dl_tZ_XUxnKED7ngd3K0QGb40Kden5QwT_4GAORAc Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMtSEBnQUFBRGtLS1M1RA&google_push=AYg5qPJ1KVhwGPnCe2wGHYJ7dWdJh0H2avVae6_D9FnGuUjWak15k7ak_9Dl_tZ_XUxnKED7ngd3K0QGb40Kden5QwT_4GAORAc Date Wed, 01 Sep 2021 18:35:38 GMT Server Apache Connection keep-alive Content-Length 390 Content-Type text/html; charset=iso-8859-1
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0794 Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEJkCImE9p54KDXzh8yp2g2A&google_cver=1&google_push=AYg5qPLNIV0nOS189Ex1TmIZN5EmOO7dM0pmcz0isiOcyKNzD2um6HgO2PKDWInCjIPZpSegWZ5VNZLJF3D_9a2uZjwcvL71Sbhe https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLNIV0nOS189Ex1TmIZN5EmOO7dM0pmcz0isiOcyKNzD2um6HgO2PKDWInCjIPZpSegWZ5VNZLJF3D_9a2uZjwcvL71Sbhe&google_hm=Q0FFU0VKa0NJbUU5cDU0S...	170 B 188 B	55ms 54ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLNIV0nOS189Ex1TmIZN5EmOO7dM0pmcz0isiOcyKNzD2um6HgO2PKDWInCjIPZpSegWZ5VNZLJF3D_9a2uZjwcvL71Sbhe&google_hm=Q0FFU0VKa0NJbUU5cDU0S0RYemg4eXAyZzJB Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:38 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLNIV0nOS189Ex1TmIZN5EmOO7dM0pmcz0isiOcyKNzD2um6HgO2PKDWInCjIPZpSegWZ5VNZLJF3D_9a2uZjwcvL71Sbhe&google_hm=Q0FFU0VKa0NJbUU5cDU0S0RYemg4eXAyZzJB Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0794 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPKRbSF8oU-SquWBbkTJPrfEHZGX_B8cqrRbcEhF0VYDTYMsFnBOW_s_znWP5Jk_y8FlQhIpoTtEc_z4agpUZR60BxArr4E https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPKRbSF8oU-SquWBbkTJPrfEHZGX_B8cqrRbcEhF0VYDTYMsFnBOW_s_znWP5Jk_y8FlQhIpoTtEc_z4agpUZR60BxArr4E&o... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKRbSF8oU-SquWBbkTJPrfEHZGX_B8cqrRbcEhF0VYDTYMsFnBOW_s_znWP5Jk_y8FlQhIpoTtEc_z4agpUZR60BxArr4E&google_hm=6bCYhGluwbQZvfaWDGEhrw==	170 B 188 B	58ms 58ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKRbSF8oU-SquWBbkTJPrfEHZGX_B8cqrRbcEhF0VYDTYMsFnBOW_s_znWP5Jk_y8FlQhIpoTtEc_z4agpUZR60BxArr4E&google_hm=6bCYhGluwbQZvfaWDGEhrw== Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 01 Sep 2021 18:35:40 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKRbSF8oU-SquWBbkTJPrfEHZGX_B8cqrRbcEhF0VYDTYMsFnBOW_s_znWP5Jk_y8FlQhIpoTtEc_z4agpUZR60BxArr4E&google_hm=6bCYhGluwbQZvfaWDGEhrw== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-request-id 4os4gnauejvn9bt26g0utke8ac1sq3qf
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0794 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	61ms 56ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLKZtS_E8hGx7Aw0Ywa3E95-VYuDjpemWxLTzb4HRT_34slyvksBT9kZPAuHTipJmPp5OkfKNjvga_mKuUcHRfehMGRdkMa Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLKZtS_E8hGx7Aw0Ywa3E95-VYuDjpemWxLTzb4HRT_34slyvksBT9kZPAuHTipJmPp5OkfKNjvga_mKuUcHRfehMGRdkMa date Wed, 01 Sep 2021 18:35:39 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 0794 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA1bvzohjwU5PHGfZdw8qsU&google_cver=1&google_push=AYg5qPI13dhHhKlt95vH7XJDI0jp7WLUqsdtlbp2ltTld5gE0cM3K4wheKcXBPCGXBffBlnmaLi... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwSkstMVQtNFNBNw==&google_push=AYg5qPI13dhHhKlt95vH7XJDI0jp7WLUqsdtlbp2ltTld5gE0cM3K4wheKcXBPCGXBffBlnmaLinF0VXPVKfzPq1MrSCIOD9t-qz	170 B 188 B	60ms 59ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwSkstMVQtNFNBNw==&google_push=AYg5qPI13dhHhKlt95vH7XJDI0jp7WLUqsdtlbp2ltTld5gE0cM3K4wheKcXBPCGXBffBlnmaLinF0VXPVKfzPq1MrSCIOD9t-qz Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwSkstMVQtNFNBNw==&google_push=AYg5qPI13dhHhKlt95vH7XJDI0jp7WLUqsdtlbp2ltTld5gE0cM3K4wheKcXBPCGXBffBlnmaLinF0VXPVKfzPq1MrSCIOD9t-qz Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 6f9fd0201ed801884e5299d5aabca094 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame 0794 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAga...	0 0
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 0794	0 12 B	54ms 52ms	Image text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lclwrv31dDGJzTujWUf4fxuvgeGjOfSFfC6xkFkDKGIj7oSeWHlmueRtn_t3ppFadJPep8 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=90&slotname=7930526934&adk=413893370&adf=201417130&pi=t.ma~as.7930526934&w=728&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337464&bpp=14&bdt=909&idt=137&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&correlator=2565102853045&frm=23&ife=1&pv=2&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=1&uci=1.l2xod1kprll4&fsb=1&dtd=160 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	adview googleads.g.doubleclick.net/pagead/ Frame CC40	0 0	18ms 18ms	Fetch text/html	2a00:1450:4001:802::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CVFw9-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTEAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF9RJ9XUK10ejjNMfVFbywctM4SABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00Mjk4MjU2MzEwNjI2Nzc5GAA&sigh=NVyEcHl8KrM Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Wed, 01 Sep 2021 18:35:38 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H2	204	winResponse prod-rtb.ad4mat.net/ Frame CC40	0 0	16ms 16ms	Fetch image/gif	2600:1901:0:76b9:: GOOGLE
General Check archive.org Show headers Download Go to Full URL https://prod-rtb.ad4mat.net/winResponse?a=1ks085t8c8cgm6svktbznz2hhzy3sah7nn49v20mmsvrqzs1k77pnctg0rt2qm06v6ke2e01j2n0pppthh16jp37ybk9nccd8kn74855jm6xrx0tzqq5hjvdhyj2erskaff5b2fy8h8fvn4g9ac73vj2ev6nj35dhewty9sh9vtjepqwbwydbvm7xys1whbxd75b1m5sj1k0e1n9627en4kr301sxqe7wvvzyr2k18h7j02c95f7zygqkcf5a4eydnbyvdhzva5d9e1c4305p47w4z8tr3gh89qff1yhht1mphd5jfxxy4ksvvvxh253wc43hy1h6g4mprqftjrmffp5g1fg0asy9tkatgwbqmmdbthhq3nhc1x0sh6ykps7qvk6em0at4&b=YS_H-QAL7HcK3tPDAAQHQ_Ty-kRYF98dIZzGvA Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers access-control-allow-origin * date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google alt-svc clear content-type image/gif
GET H3-29	200	dr Show response as.ad4m.at/ad/ Frame E206	2 KB 2 KB	32ms 30ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/dr?ed=1hqy08b738z4f6dvm8ty0fnx2kyeqb67p0zzme6nbp7gd5qzz43nx1dqce2vxpc3k098rkrefzcx09tapf48wxztdffyg9k5mb5t4vw0spe71bj6f3cyyh0m07evz1yr849tae8s3rs1tdtcs62zjcxd57hxg68421a95zfbr26aenmxzzn4pnscrrx4kmmxg3vk7vxpm53k3qx9dvm9zt64y3nynbrdhhy19xpq3zc4asyjr22e2asg963yzh2jvz5qz3x0nrqnkpp5349wn8y5kp6njbkjvws0dsqbzkfejeywywbhvxa9pm1sazt7n686kebkzr1nkbjdrxr6nw69x5gd0ekwb3mhdp8jbsq5dgr8ks5zqmzh666f4fjetq9mve8mdx9vtz19gz1b99cb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%26client%3Dca-pub-4298256310626779%26adurl%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e7222ab36937d3770c3c2627a6dc9608edeace9f659a0ad3926b142b0e30061 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/dr?ed=1hqy08b738z4f6dvm8ty0fnx2kyeqb67p0zzme6nbp7gd5qzz43nx1dqce2vxpc3k098rkrefzcx09tapf48wxztdffyg9k5mb5t4vw0spe71bj6f3cyyh0m07evz1yr849tae8s3rs1tdtcs62zjcxd57hxg68421a95zfbr26aenmxzzn4pnscrrx4kmmxg3vk7vxpm53k3qx9dvm9zt64y3nynbrdhhy19xpq3zc4asyjr22e2asg963yzh2jvz5qz3x0nrqnkpp5349wn8y5kp6njbkjvws0dsqbzkfejeywywbhvxa9pm1sazt7n686kebkzr1nkbjdrxr6nw69x5gd0ekwb3mhdp8jbsq5dgr8ks5zqmzh666f4fjetq9mve8mdx9vtz19gz1b99cb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%26client%3Dca-pub-4298256310626779%26adurl%3D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6880997b6a284e9e-FRA content-encoding br
GET H3-29	200	window_focus_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame CC40	2 KB 1 KB	11ms 8ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/window_focus_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:17:39 GMT content-encoding gzip x-content-type-options nosniff age 1079 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1339 x-xss-protection 0 server cafe etag 2275704724217174249 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:17:39 GMT
GET H3-29	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame C647	1 KB 749 B	9ms 8ms	Document text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority pagead2.googlesyndication.com :scheme https :path /pagead/s/cookie_push_onload.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://googleads.g.doubleclick.net/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://googleads.g.doubleclick.net/ Response headers p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" timing-allow-origin * cross-origin-resource-policy cross-origin vary Accept-Encoding date Wed, 01 Sep 2021 13:41:14 GMT expires Thu, 02 Sep 2021 13:41:14 GMT content-type text/html; charset=UTF-8 etag 48472445140208031 x-content-type-options nosniff content-encoding gzip server cafe content-length 724 x-xss-protection 0 age 17664 cache-control public, max-age=86400 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame CC40	122 KB 37 KB	21ms 19ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-encoding gzip content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl server sffe etag "1630322985459792" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 x-content-type-options nosniff accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37796 x-xss-protection 0 expires Wed, 01 Sep 2021 18:35:38 GMT
GET H3-29	200	qs_click_protection_fy2019.js Show response tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/ Frame CC40	14 KB 6 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20210830/r20110914/client/qs_click_protection_fy2019.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 114dabe187311ee2e303549831223ef80d06385cb854e2aa1647ec1e0ca148f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:23:09 GMT content-encoding gzip x-content-type-options nosniff age 749 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6183 x-xss-protection 0 server cafe etag 901432759052127119 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Wed, 15 Sep 2021 18:23:09 GMT
GET H3-29	204	l www.google.com/ads/measurement/ Frame CC40	0 0	15ms 14ms	Image text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaQmY2Pq3XGs_LWbIweLPxpDmD4nlDw5zzonJcZcgd_4cnxs6JVxk-Geugtym1nI3yk0sKsjcyvw99HTEVNcdbCuhClxow Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers
GET H2	200	dpixel cms.quantserve.com/ Frame E4FE	35 B 463 B	418ms 62ms	Image image/gif	91.228.74.134 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP-TgJtKUY3vOEM0QV-U-mA&google_cver=1&google_push=AYg5qPLxD8fScvR15NPOfCUhPPHoursP9DG55E1120bO4B5cxJB_dqitF6X7tW4MNnZBjG7wyMQXjebvCpgai_cxjyGV8kdKZTKW Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame E4FE Redirect Chain https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIHEOWHiMhG-ybQ0GjagYPTHteZNp21zRdj5S_... https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMtSEBnQUFCQy1pQm1yYg&google_push=AYg5qPIHEOWHiMhG-ybQ0GjagYPTHteZNp21zRdj5S_C8kdfbM5yBZWOz9UgRLLsKTSHm8jDgR79-hFCYfeBytPsZwB09zd56Vg	170 B 188 B	61ms 60ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMtSEBnQUFCQy1pQm1yYg&google_push=AYg5qPIHEOWHiMhG-ybQ0GjagYPTHteZNp21zRdj5S_C8kdfbM5yBZWOz9UgRLLsKTSHm8jDgR79-hFCYfeBytPsZwB09zd56Vg Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVMtSEBnQUFCQy1pQm1yYg&google_push=AYg5qPIHEOWHiMhG-ybQ0GjagYPTHteZNp21zRdj5S_C8kdfbM5yBZWOz9UgRLLsKTSHm8jDgR79-hFCYfeBytPsZwB09zd56Vg Date Wed, 01 Sep 2021 18:35:38 GMT Server Apache Connection keep-alive Content-Length 390 Content-Type text/html; charset=iso-8859-1
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame E4FE Redirect Chain https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJ2W2aNH4MqCWwz820VPPJPXw69RCTPMq9oB0GvvcixS-GM-4Mc5UI7AWc_ebZ-h_iSjgn4EDCan-_K1Mes0QkxaMrbUFO3&google_gid=CAESENuSO2eXfI8dNPZTDUTLRek&goo... https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPuPv4kGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKMlcyYU5INE1xQ1d3ejgyMFZQUEpQWHc2OVJDVFBNcTlvQjBHdnZjaXhTLUdNLTRNYzVVSTdBV2NfZWJaLWhfaVNqZ240RURDYW4tX0sxTW... https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMGhjZjZkY2dMVjZlbVdub3VGa2kxUnZSdnVNOVNhdXZrU3dZNU91ZkJzRQ==&google_push	170 B 188 B	64ms 61ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMGhjZjZkY2dMVjZlbVdub3VGa2kxUnZSdnVNOVNhdXZrU3dZNU91ZkJzRQ==&google_push Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers date Wed, 01 Sep 2021 18:35:39 GMT via 1.1 google p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" location https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwMGhjZjZkY2dMVjZlbVdub3VGa2kxUnZSdnVNOVNhdXZrU3dZNU91ZkJzRQ==&google_push cache-control no-cache, no-store timing-allow-origin * alt-svc clear content-length 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame E4FE Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPIG67NogyMS-qe0Ldo6To8_knseCtQHQYsxEy9zhIgq8fR0eeJkCwgd1SJYmxo_A7ccIYGKiBqTeXuh40C-J8Q5pG1yUl8 https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPIG67NogyMS-qe0Ldo6To8_knseCtQHQYsxEy9zhIgq8fR0eeJkCwgd1SJYmxo_A7ccIYGKiBqTeXuh40C-J8Q5pG1yUl8&o... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIG67NogyMS-qe0Ldo6To8_knseCtQHQYsxEy9zhIgq8fR0eeJkCwgd1SJYmxo_A7ccIYGKiBqTeXuh40C-J8Q5pG1yUl8&google_hm=6bCYhGluwbQZvfaWDGEhrw==	170 B 188 B	57ms 56ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIG67NogyMS-qe0Ldo6To8_knseCtQHQYsxEy9zhIgq8fR0eeJkCwgd1SJYmxo_A7ccIYGKiBqTeXuh40C-J8Q5pG1yUl8&google_hm=6bCYhGluwbQZvfaWDGEhrw== Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 01 Sep 2021 18:35:40 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIG67NogyMS-qe0Ldo6To8_knseCtQHQYsxEy9zhIgq8fR0eeJkCwgd1SJYmxo_A7ccIYGKiBqTeXuh40C-J8Q5pG1yUl8&google_hm=6bCYhGluwbQZvfaWDGEhrw== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-request-id q18hg0g2qjijfli6srdo6n2hv3psbrn5
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame E4FE Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	58ms 57ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJlhG_82cOoo_LO5CbG6vOMcYMIEApJs6JzPEDhijg8JazUVlxHYTKQMM6ZBv5dNe7rUEvnvYLfJT0DfNSZ4DrQKzt8HFz4 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJlhG_82cOoo_LO5CbG6vOMcYMIEApJs6JzPEDhijg8JazUVlxHYTKQMM6ZBv5dNe7rUEvnvYLfJT0DfNSZ4DrQKzt8HFz4 date Wed, 01 Sep 2021 18:35:40 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET		pixel cm.g.doubleclick.net/ Frame E4FE Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo...	0 0
GET H2	200	trk ag.innovid.com/ Frame E4FE	43 B 298 B	75ms 20ms	Image image/gif	2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ag.innovid.com/trk?tid=11711&google_gid=CAESEABDTBf3ljEpVHzch7WRRiU&google_cver=1&google_push=AYg5qPK95JBlek0Q4nM8LFgeg5m_s0c72u_djqSTQMMVpcxh_uHesEE4-r3zeufW15nkiejGi2UsV1-4ZowgtqUgf7SH-yEQAyw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2a05:d01c:1d8:8102:3268:e5ec:7f57:13ef London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT cache-control no-cache content-type image/gif content-length 43 request-time 0 expires -1
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame E4FE	0 12 B	67ms 60ms	Image text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHWa8oqsJ2YT4x6RMXzK9GCdESwhDEGlLOldfv8_3qwDhtmDOqvLB1OkAwKh_roARMLesX Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=2430570645&adk=54965667&adf=1240628421&pi=t.ma~as.2430570645&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337480&bpp=3&bdt=925&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=2&uci=2.nbg3nz4hv9tx&fsb=1&dtd=193 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame E530	64 KB 8 KB	28ms 21ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1j0tesh5eq5yhskad29ser4znk22230k99kpjtzjcegry68cbp1s0wxpme38x3gf206k6dwznj5hg3n5qtp41krz8v4j1992h63jmvfh949gsjvf4z4znyc68eacsder97k8berja7939d2pcdxwna07zhah0dhxef3xk0xps7dp2w3apx6w3qd7n8q66gmsgmw80728z4ktq33q83h2bm3t9b2fztbkwwpcqt95e1qqbwzpakrs848gjzqkh11z613858tbv7qhhevcc18ddrvqnt2tbzz3yxwqhgge9qmf67xh2bqr099t4xay6dxm9jecah358e9h0ss7n7kgpeejw7pnxpnv29vpbngasmmrg34vypzggyft15h6zkb8aya1s8a0yh89fw6kkqk9657p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1j0tesh5eq5yhskad29ser4znk22230k99kpjtzjcegry68cbp1s0wxpme38x3gf206k6dwznj5hg3n5qtp41krz8v4j1992h63jmvfh949gsjvf4z4znyc68eacsder97k8berja7939d2pcdxwna07zhah0dhxef3xk0xps7dp2w3apx6w3qd7n8q66gmsgmw80728z4ktq33q83h2bm3t9b2fztbkwwpcqt95e1qqbwzpakrs848gjzqkh11z613858tbv7qhhevcc18ddrvqnt2tbzz3yxwqhgge9qmf67xh2bqr099t4xay6dxm9jecah358e9h0ss7n7kgpeejw7pnxpnv29vpbngasmmrg34vypzggyft15h6zkb8aya1s8a0yh89fw6kkqk9657p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%26client%3Dca-pub-4298256310626779%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997b7a444e9e-FRA cf-bgj minify
GET H2	200	fxpcopuw.js Show response ad4m.at/ Frame E530	36 KB 12 KB	28ms 20ms	Script application/javascript	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/fxpcopuw.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1j0tesh5eq5yhskad29ser4znk22230k99kpjtzjcegry68cbp1s0wxpme38x3gf206k6dwznj5hg3n5qtp41krz8v4j1992h63jmvfh949gsjvf4z4znyc68eacsder97k8berja7939d2pcdxwna07zhah0dhxef3xk0xps7dp2w3apx6w3qd7n8q66gmsgmw80728z4ktq33q83h2bm3t9b2fztbkwwpcqt95e1qqbwzpakrs848gjzqkh11z613858tbv7qhhevcc18ddrvqnt2tbzz3yxwqhgge9qmf67xh2bqr099t4xay6dxm9jecah358e9h0ss7n7kgpeejw7pnxpnv29vpbngasmmrg34vypzggyft15h6zkb8aya1s8a0yh89fw6kkqk9657p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g== date Wed, 01 Sep 2021 18:35:38 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 47825 x-guploader-uploadid ADPycdvgEleYUeFGscVb0lrMQlg3MQt_JmYcEfEogyITI9SAsmXtjV5RyS6taC55N3cKf-H2_q4oBdNNeeBEKTQrCdY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 31 Aug 2021 05:18:16 GMT server cloudflare etag W/"ec72e2aaa94729151c48af127b00dce2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LbjHu4j7JCCKZi%2Fvjz%2F4d2h1XUfDzOgLjfETYULikkiZXPWkKFNYH2GtGZXN9jLKCEtK1Frh%2BRSlROBelrbohJYlRHYReAvQXyB%2BzIZ8QOKqb%2B7%2FlBPO2gekXC4VVta7eFNM9tY%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1628590096242097 content-type application/javascript; charset=utf-8 expires Wed, 01 Sep 2021 05:18:33 GMT cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 x-goog-stored-content-length 11933 cf-ray 6880997b7cd14eeb-FRA cf-bgj minify
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame EB49	64 KB 8 KB	31ms 29ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1gd4zzcnj8gpqv0xb6wg2ff336skp8gcws3bh0mcvtgq0qta2ppcyb71g7dpgve6vas8xxcnyr103krnf8kcpfdy7dz4wz3yxxegjt5k9bgeqvydratk6wkt0maa2mqjk2krve348qh5j2rxhdjyjhy868nzdy4yxcvavtmwcp1en3avtmm97wr29c8xgzp5dpy0t1f3mx3nj4c0wzrm8k4ezyynnrkcthy3xamtndshf4jrp8b7dqrrsx6evthde15gwny8x3r7sxhxpzwg3x752exvz25a4a8v9b7p72d7q5a48b0z0femym5779v3y8xgbqz5t28c4371x5pyh9c19vd9b20ea88e9nwgt6sdxzbywq2amjh3mpq9x77jyz254d0067aak9a2n4w75gr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1gd4zzcnj8gpqv0xb6wg2ff336skp8gcws3bh0mcvtgq0qta2ppcyb71g7dpgve6vas8xxcnyr103krnf8kcpfdy7dz4wz3yxxegjt5k9bgeqvydratk6wkt0maa2mqjk2krve348qh5j2rxhdjyjhy868nzdy4yxcvavtmwcp1en3avtmm97wr29c8xgzp5dpy0t1f3mx3nj4c0wzrm8k4ezyynnrkcthy3xamtndshf4jrp8b7dqrrsx6evthde15gwny8x3r7sxhxpzwg3x752exvz25a4a8v9b7p72d7q5a48b0z0femym5779v3y8xgbqz5t28c4371x5pyh9c19vd9b20ea88e9nwgt6sdxzbywq2amjh3mpq9x77jyz254d0067aak9a2n4w75gr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%26client%3Dca-pub-4298256310626779%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997b7a4a4e9e-FRA cf-bgj minify
GET H2	200	fxpcopuw.js Show response ad4m.at/ Frame EB49	36 KB 13 KB	18ms 17ms	Script application/javascript	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/fxpcopuw.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1gd4zzcnj8gpqv0xb6wg2ff336skp8gcws3bh0mcvtgq0qta2ppcyb71g7dpgve6vas8xxcnyr103krnf8kcpfdy7dz4wz3yxxegjt5k9bgeqvydratk6wkt0maa2mqjk2krve348qh5j2rxhdjyjhy868nzdy4yxcvavtmwcp1en3avtmm97wr29c8xgzp5dpy0t1f3mx3nj4c0wzrm8k4ezyynnrkcthy3xamtndshf4jrp8b7dqrrsx6evthde15gwny8x3r7sxhxpzwg3x752exvz25a4a8v9b7p72d7q5a48b0z0femym5779v3y8xgbqz5t28c4371x5pyh9c19vd9b20ea88e9nwgt6sdxzbywq2amjh3mpq9x77jyz254d0067aak9a2n4w75gr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g== date Wed, 01 Sep 2021 18:35:38 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 47825 x-guploader-uploadid ADPycdvgEleYUeFGscVb0lrMQlg3MQt_JmYcEfEogyITI9SAsmXtjV5RyS6taC55N3cKf-H2_q4oBdNNeeBEKTQrCdY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 31 Aug 2021 05:18:16 GMT server cloudflare etag W/"ec72e2aaa94729151c48af127b00dce2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWBD8avhjQ%2FFxi2%2B6RvSASCTypQOKBlI2UWrzC18A4NI5TfX8Yphby3VsBNmJzg55Lp1v13Z7pHxM9zzsBBpw6SLf2mcxZdLsP9em3fdEvB4ARU%2BJSGoy4oiQ%2FRC71jwHvbwT44%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1628590096242097 content-type application/javascript; charset=utf-8 expires Wed, 01 Sep 2021 05:18:33 GMT cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 x-goog-stored-content-length 11933 cf-ray 6880997b7cd04eeb-FRA cf-bgj minify
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 2046	64 KB 8 KB	18ms 18ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1hcx3m45w97jv36td4jak0myaqwepy1bb4bd00gsfpb26k90h5mzxdbeb9zzz00eqtawjdrc1qzd13ry00edkttzmy3nfq1554y038p2ps7t881krhrmv0j69agakdwctpbw6999se8xtvfe2zr6gz5e5f1dyt14hcygmkcpysdbmg3rjthssvjdmedag146hht6145dwwj96kqjyqr6rjx3avwacr19f1e0y0m7kar6hmp7x95pnxs2bp74gm6y265zay9kznj7ssbd9p4zf7kndeb6rqj3gf820qdmzd0wpdv4rymz3sgw6b0xk4xfks1283vvtf3fsw2c8w1dhz00bxw4esdgs1vcakxza131qs0y4erz88c8vk023mp95m98xjd4mh3ja423mabgznnt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1hcx3m45w97jv36td4jak0myaqwepy1bb4bd00gsfpb26k90h5mzxdbeb9zzz00eqtawjdrc1qzd13ry00edkttzmy3nfq1554y038p2ps7t881krhrmv0j69agakdwctpbw6999se8xtvfe2zr6gz5e5f1dyt14hcygmkcpysdbmg3rjthssvjdmedag146hht6145dwwj96kqjyqr6rjx3avwacr19f1e0y0m7kar6hmp7x95pnxs2bp74gm6y265zay9kznj7ssbd9p4zf7kndeb6rqj3gf820qdmzd0wpdv4rymz3sgw6b0xk4xfks1283vvtf3fsw2c8w1dhz00bxw4esdgs1vcakxza131qs0y4erz88c8vk023mp95m98xjd4mh3ja423mabgznnt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%26client%3Dca-pub-4298256310626779%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997b7a594e9e-FRA cf-bgj minify
GET H2	200	fxpcopuw.js Show response ad4m.at/ Frame 2046	36 KB 12 KB	26ms 25ms	Script application/javascript	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/fxpcopuw.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1hcx3m45w97jv36td4jak0myaqwepy1bb4bd00gsfpb26k90h5mzxdbeb9zzz00eqtawjdrc1qzd13ry00edkttzmy3nfq1554y038p2ps7t881krhrmv0j69agakdwctpbw6999se8xtvfe2zr6gz5e5f1dyt14hcygmkcpysdbmg3rjthssvjdmedag146hht6145dwwj96kqjyqr6rjx3avwacr19f1e0y0m7kar6hmp7x95pnxs2bp74gm6y265zay9kznj7ssbd9p4zf7kndeb6rqj3gf820qdmzd0wpdv4rymz3sgw6b0xk4xfks1283vvtf3fsw2c8w1dhz00bxw4esdgs1vcakxza131qs0y4erz88c8vk023mp95m98xjd4mh3ja423mabgznnt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g== date Wed, 01 Sep 2021 18:35:38 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 47825 x-guploader-uploadid ADPycdvgEleYUeFGscVb0lrMQlg3MQt_JmYcEfEogyITI9SAsmXtjV5RyS6taC55N3cKf-H2_q4oBdNNeeBEKTQrCdY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 31 Aug 2021 05:18:16 GMT server cloudflare etag W/"ec72e2aaa94729151c48af127b00dce2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mc21Ppp4OowNGUbUMwk5xTkBwJYGQCyPY1Vsv2yofxEFVrkGOlltQK%2FOcslI0IpgbHnS%2BS1W7ntYte05s1Ur84aoHvR2HfTQwIFryA7cjqdTxsolDkbc9RvuWdP4qCehuKHEBCs%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1628590096242097 content-type application/javascript; charset=utf-8 expires Wed, 01 Sep 2021 05:18:33 GMT cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 x-goog-stored-content-length 11933 cf-ray 6880997b7cdc4eeb-FRA cf-bgj minify
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame AC03	64 KB 8 KB	19ms 19ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1jqb3fa5159e5ec8gassgm9r0cafk5p1kpxcpg70mnbxbmp0qw6y03gqe93s87e70ygbpm1k0qvfq3qytsv5ckj501bkge668kqp9tmhn32n2esghjcymretcdsk4xj7qwtyeq8xs7m15j7rgfcnwyq5963ahwme9tqpt333sdvdvfgaj23k7d8taneyy6g7b45v6nxkt7vbzsfc2na22tvbt8fadpjzk6dv3trt9pzaktq5ws9npptjmkbrxrycmsz2as80f4vxcwbywvg01wq4yxbc7nweecg5ypm90mzh9w0p5hmjfctfreesyexrfbgh2cgmc0shqrhssq5xfjrf6jkkj2cz08z7nk6v32nkt00stbxzxvvzk7db39swef3pdrky9saq2cae6egrcszr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1jqb3fa5159e5ec8gassgm9r0cafk5p1kpxcpg70mnbxbmp0qw6y03gqe93s87e70ygbpm1k0qvfq3qytsv5ckj501bkge668kqp9tmhn32n2esghjcymretcdsk4xj7qwtyeq8xs7m15j7rgfcnwyq5963ahwme9tqpt333sdvdvfgaj23k7d8taneyy6g7b45v6nxkt7vbzsfc2na22tvbt8fadpjzk6dv3trt9pzaktq5ws9npptjmkbrxrycmsz2as80f4vxcwbywvg01wq4yxbc7nweecg5ypm90mzh9w0p5hmjfctfreesyexrfbgh2cgmc0shqrhssq5xfjrf6jkkj2cz08z7nk6v32nkt00stbxzxvvzk7db39swef3pdrky9saq2cae6egrcszr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%26client%3Dca-pub-4298256310626779%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997b7a5c4e9e-FRA cf-bgj minify
GET H2	200	fxpcopuw.js Show response ad4m.at/ Frame AC03	36 KB 12 KB	21ms 21ms	Script application/javascript	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/fxpcopuw.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1jqb3fa5159e5ec8gassgm9r0cafk5p1kpxcpg70mnbxbmp0qw6y03gqe93s87e70ygbpm1k0qvfq3qytsv5ckj501bkge668kqp9tmhn32n2esghjcymretcdsk4xj7qwtyeq8xs7m15j7rgfcnwyq5963ahwme9tqpt333sdvdvfgaj23k7d8taneyy6g7b45v6nxkt7vbzsfc2na22tvbt8fadpjzk6dv3trt9pzaktq5ws9npptjmkbrxrycmsz2as80f4vxcwbywvg01wq4yxbc7nweecg5ypm90mzh9w0p5hmjfctfreesyexrfbgh2cgmc0shqrhssq5xfjrf6jkkj2cz08z7nk6v32nkt00stbxzxvvzk7db39swef3pdrky9saq2cae6egrcszr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g== date Wed, 01 Sep 2021 18:35:38 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 47825 x-guploader-uploadid ADPycdvgEleYUeFGscVb0lrMQlg3MQt_JmYcEfEogyITI9SAsmXtjV5RyS6taC55N3cKf-H2_q4oBdNNeeBEKTQrCdY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 31 Aug 2021 05:18:16 GMT server cloudflare etag W/"ec72e2aaa94729151c48af127b00dce2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tVEb1bC8deeYFgLQwTGiwigS2gYxdESv5e9qWKMmPCrKNcuBOogQOhiu%2FkpEGwofsqxnBWJ%2FMp5e7KTLaCm4CjzzdaO8vyImqNTZQxA3T450UGazSMZC1zP0%2FJg4NaMI4cD6bUU%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1628590096242097 content-type application/javascript; charset=utf-8 expires Wed, 01 Sep 2021 05:18:33 GMT cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 x-goog-stored-content-length 11933 cf-ray 6880997b7ce24eeb-FRA cf-bgj minify
GET H/1.1	200 OK	moment~timeline.6955291becca2212c21a83a5b7ccff16.js Show response platform.twitter.com/js/ Frame F1E2	25 KB 8 KB	9ms 7ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/js/moment~timeline.6955291becca2212c21a83a5b7ccff16.js Requested by Host: platform.twitter.com URL: http://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/674C) / Resource Hash 0da8b681b5b73ff645ff5d1312a7a6e7db5f568d6ee68ad10ce77b142d5b7735 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:38 GMT Content-Encoding gzip Last-Modified Mon, 02 Aug 2021 20:33:40 GMT Server ECS (frb/674C) Age 4351 Etag "6a28849a29acd0e1df291c75b82e9101+gzip" Vary Accept-Encoding x-tw-cdn VZ P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin * Cache-Control public, max-age=315360000 X-Cache HIT Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Content-Length 8015
GET H/1.1	200 OK	timeline.f0018d9150722c67abdd0e6bbab13587.js Show response platform.twitter.com/js/ Frame F1E2	20 KB 7 KB	22ms 6ms	Script application/javascript	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/js/timeline.f0018d9150722c67abdd0e6bbab13587.js Requested by Host: platform.twitter.com URL: http://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6712) / Resource Hash 964794272aa168ce3feac3a84460c1beb01606da0e303689b8aee75fb354117d Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:38 GMT Content-Encoding gzip Last-Modified Mon, 02 Aug 2021 20:33:40 GMT Server ECS (frb/6712) Age 4351 Etag "b6a9074027bd2a446a397ba65736afc5+gzip" Vary Accept-Encoding x-tw-cdn VZ P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin * Cache-Control public, max-age=315360000 X-Cache HIT Access-Control-Allow-Methods GET Content-Type application/javascript; charset=utf-8 Content-Length 6444
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 5F56 Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEJkCImE9p54KDXzh8yp2g2A&google_cver=1&google_push=AYg5qPKwyhgjvJ6i10AuvViaH3xyQL9EOH5sDVl_T8tKp-4d7Z75tT330iI4C08UThQdkeWSNwf_5WNsjRlnXlie23xdxrE7B8gwm... https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKwyhgjvJ6i10AuvViaH3xyQL9EOH5sDVl_T8tKp-4d7Z75tT330iI4C08UThQdkeWSNwf_5WNsjRlnXlie23xdxrE7B8gwmFhTthSwVyd1dW8OSWd8HGw-2aLDo8tF...	170 B 188 B	56ms 55ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKwyhgjvJ6i10AuvViaH3xyQL9EOH5sDVl_T8tKp-4d7Z75tT330iI4C08UThQdkeWSNwf_5WNsjRlnXlie23xdxrE7B8gwmFhTthSwVyd1dW8OSWd8HGw-2aLDo8tFRc-f73CCMk4&google_hm=Q0FFU0VKa0NJbUU5cDU0S0RYemg4eXAyZzJB Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:37 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKwyhgjvJ6i10AuvViaH3xyQL9EOH5sDVl_T8tKp-4d7Z75tT330iI4C08UThQdkeWSNwf_5WNsjRlnXlie23xdxrE7B8gwmFhTthSwVyd1dW8OSWd8HGw-2aLDo8tFRc-f73CCMk4&google_hm=Q0FFU0VKa0NJbUU5cDU0S0RYemg4eXAyZzJB Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	sync odr.mookie1.com/t/v2/ Frame 5F56	43 B 324 B	907ms 53ms	Image image/gif	34.98.67.61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHNhraY9Fl8lS6buZWWEErg&google_push=AYg5qPIlOmx2bMsvRF_4wt6cd7qBXfnwrNunz-jJ2D6IADfNTeEsG-Ugxfa0UMxgxlgmqzePBx-aIXs2vdqvj6w1TVFiLQuV9skAKdwU9CJ6z70imdY_Yw2ufR-bs2J-KHhTVooVumQB4Q&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 61.67.98.34.bc.googleusercontent.com Software Apache / Resource Hash a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:39 GMT via 1.1 google server Apache p3p CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml" cache-control no-cache, no-store, must-revalidate content-type image/gif;charset=UTF-8 alt-svc clear content-length 43 x-application-context application expires Thu, 01 Jan 1970 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 5F56 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPIATLhAVzRGqoX5dxk06IvoyeslCu45SVWl2sOAbIj5JdeCfbu4h2TQ5MrDOPh327BUoqh8xgnqLQc3p-70i6Sy0Cv4WKKD4... https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPIATLhAVzRGqoX5dxk06IvoyeslCu45SVWl2sOAbIj5JdeCfbu4h2TQ5MrDOPh327BUoqh8xgnqLQc3p-70i6Sy0Cv4WKKD4... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIATLhAVzRGqoX5dxk06IvoyeslCu45SVWl2sOAbIj5JdeCfbu4h2TQ5MrDOPh327BUoqh8xgnqLQc3p-70i6Sy0Cv4WKKD4K0XJDcsUQjUEmpMhzLJYNkk8GtvBW9xBn...	170 B 188 B	56ms 56ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIATLhAVzRGqoX5dxk06IvoyeslCu45SVWl2sOAbIj5JdeCfbu4h2TQ5MrDOPh327BUoqh8xgnqLQc3p-70i6Sy0Cv4WKKD4K0XJDcsUQjUEmpMhzLJYNkk8GtvBW9xBnzYQXD6Zig&google_hm=6bCYhGluwbQZvfaWDGEhrw== Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPIATLhAVzRGqoX5dxk06IvoyeslCu45SVWl2sOAbIj5JdeCfbu4h2TQ5MrDOPh327BUoqh8xgnqLQc3p-70i6Sy0Cv4WKKD4K0XJDcsUQjUEmpMhzLJYNkk8GtvBW9xBnzYQXD6Zig&google_hm=6bCYhGluwbQZvfaWDGEhrw== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-request-id tvnsiqp7ra4936ght4tl9mglvg26ro3a
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 5F56 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	57ms 56ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIxIzHBst7ctkx31VYmv3ysmMZ4l_0iLMYPwkaGRtYeEw8cIHE2aiFt_zoKid0etgYDxL5oilSA6uPGMOAIL3CEAwrI_Ycnz6Xcenu_0d56dVAw24FgzZTORsQpCduWVVHLmpr8T-E Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIxIzHBst7ctkx31VYmv3ysmMZ4l_0iLMYPwkaGRtYeEw8cIHE2aiFt_zoKid0etgYDxL5oilSA6uPGMOAIL3CEAwrI_Ycnz6Xcenu_0d56dVAw24FgzZTORsQpCduWVVHLmpr8T-E date Wed, 01 Sep 2021 18:35:41 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame 5F56 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA1bvzohjwU5PHGfZdw8qsU&google_cver=1&google_push=AYg5qPL9MiDajPm-FKc8oEkdqr9S5ClT5wj08lIVY-u0P_URfMu6hkrMrSRbAsBmMft9Tajt9na... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwTFAtMTgtSTk3Rw==&google_push=AYg5qPL9MiDajPm-FKc8oEkdqr9S5ClT5wj08lIVY-u0P_URfMu6hkrMrSRbAsBmMft9Tajt9nakh-JwIvq0oFB3_MoRjU-rzx5-W...	170 B 188 B	103ms 54ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwTFAtMTgtSTk3Rw==&google_push=AYg5qPL9MiDajPm-FKc8oEkdqr9S5ClT5wj08lIVY-u0P_URfMu6hkrMrSRbAsBmMft9Tajt9nakh-JwIvq0oFB3_MoRjU-rzx5-WsHMyp-88SAw2rsw54N0SqXWhnjZO3MzLvnZ2FtHCQk Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwTFAtMTgtSTk3Rw==&google_push=AYg5qPL9MiDajPm-FKc8oEkdqr9S5ClT5wj08lIVY-u0P_URfMu6hkrMrSRbAsBmMft9Tajt9nakh-JwIvq0oFB3_MoRjU-rzx5-WsHMyp-88SAw2rsw54N0SqXWhnjZO3MzLvnZ2FtHCQk Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 6f9fd0201ed801884e5299d5aabca094 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame 5F56 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7...	0 0
GET H2	200	dot.gif googlecm.hit.gemius.pl/ Frame 5F56 Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEICCUNpmjHew4PnXWIwvrIk&google_cver=1&google_push=AYg5qPIRZjqVoEjGJfoOXsLH... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIRZjqVoEjGJfoOXsLHCu_YqWcjX5dwlhHFQSZyqZXtchgm5RyDmZvjlkaV5i1IO-3HRYKXB6jUz4mUo4Y3omu97qUlMOb0cLO8-j0h3HtKI-ON4VnW0C&googl... https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5	43 B 189 B	51ms 50ms	Image image/gif	217.182.200.19 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.182.200.19 , France, ASN16276 (OVH, FR), Reverse DNS gcm5.host.hit.gemius.pl Software GHC / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:39 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-type image/gif content-length 43 expires Tue, 31 Aug 2021 18:35:39 GMT Redirect headers pragma no-cache date Wed, 01 Sep 2021 18:35:39 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 304 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame 5F56	0 12 B	59ms 52ms	Image text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L_KuwfvG_3CtfvFG1ln-zgIk2-b3Be5ObTyMNW0XpXZp98s4-yyTiIQdiPyVfT1yEYV492Fw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=600&slotname=4379944131&adk=2343737103&adf=2126892501&pi=t.ma~as.4379944131&w=300&psa=0&format=300x600&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337535&bpp=3&bdt=979&idt=182&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=4&uci=4.zg2fhhonf77s&fsb=1&dtd=185 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	dpixel cms.quantserve.com/ Frame FAA9	35 B 463 B	375ms 63ms	Image image/gif	91.228.74.134 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP-TgJtKUY3vOEM0QV-U-mA&google_cver=1&google_push=AYg5qPIj8x-XEsak_WnNi7hMUwcJB-wPFU6j5wWZ7dzqD3sFSm3PsLsmF-mP2WoR5BlLeh6GmxiTlc_-h5-eBDvVGki2Cn6mdH0cDlKdYLBW08BkXDwtH5y7tevlO5leQpaTs0TIlHl_jFg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FAA9 Redirect Chain https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLGMH_F... https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLGMH_F... https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDExODM1NDAwMDA0MDQ2MzMwMTM4NQ%3D%3D&google_push=AYg5qPLGMH_FlFSBb6ya81ucdmZrs4c7uJe7AOUkqALwNz9NOYpiskAoCNMXEe_x2L-eet...	170 B 188 B	55ms 55ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDExODM1NDAwMDA0MDQ2MzMwMTM4NQ%3D%3D&google_push=AYg5qPLGMH_FlFSBb6ya81ucdmZrs4c7uJe7AOUkqALwNz9NOYpiskAoCNMXEe_x2L-eetmTgKz2YqyJAXTQ1Ql-rrbRkHY9-IDCCwSz5yG1SVvQeJiYa8GXpHWTu9kYcljdCwXi_K3OP9g Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:40 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA5MDExODM1NDAwMDA0MDQ2MzMwMTM4NQ%3D%3D&google_push=AYg5qPLGMH_FlFSBb6ya81ucdmZrs4c7uJe7AOUkqALwNz9NOYpiskAoCNMXEe_x2L-eetmTgKz2YqyJAXTQ1Ql-rrbRkHY9-IDCCwSz5yG1SVvQeJiYa8GXpHWTu9kYcljdCwXi_K3OP9g pragma no-cache date Wed, 01 Sep 2021 18:35:40 GMT cache-control max-age=0, no-cache, no-store content-length 0 strict-transport-security max-age=2628000 expires Wed, 01 Sep 2021 18:35:40 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FAA9 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPJYJMfaTrSJHssCaQER78hNKOQyRGgc_VHQxFi6KUKXr96eH3wBNihdtUt1RSYhZfk0NBU2vpMUURtkdRU_jsDGfEORri6QM... https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPJYJMfaTrSJHssCaQER78hNKOQyRGgc_VHQxFi6KUKXr96eH3wBNihdtUt1RSYhZfk0NBU2vpMUURtkdRU_jsDGfEORri6QM... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJYJMfaTrSJHssCaQER78hNKOQyRGgc_VHQxFi6KUKXr96eH3wBNihdtUt1RSYhZfk0NBU2vpMUURtkdRU_jsDGfEORri6QMi_rIoB_ks814oBKhfC0bDkaEwT1n-olny...	170 B 188 B	57ms 57ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJYJMfaTrSJHssCaQER78hNKOQyRGgc_VHQxFi6KUKXr96eH3wBNihdtUt1RSYhZfk0NBU2vpMUURtkdRU_jsDGfEORri6QMi_rIoB_ks814oBKhfC0bDkaEwT1n-olnyxUCQN6qpE&google_hm=6bCYhGluwbQZvfaWDGEhrw== Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJYJMfaTrSJHssCaQER78hNKOQyRGgc_VHQxFi6KUKXr96eH3wBNihdtUt1RSYhZfk0NBU2vpMUURtkdRU_jsDGfEORri6QMi_rIoB_ks814oBKhfC0bDkaEwT1n-olnyxUCQN6qpE&google_hm=6bCYhGluwbQZvfaWDGEhrw== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-request-id g6kvd06n7597qkt9fjrbuhslepo5hnjg
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FAA9 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	57ms 55ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUnHDAIgaNQb2TT38RloJdkxnqcN_u018qXuDZXQdAivD6e-lJpTr-cTJdei3bAUnkGXxg1eu6lCa_MOS1G0vuQkeodORewRONqHjhnu0GcqtdUV6nku0ra1bnviRUxJdTTLseUDE Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUnHDAIgaNQb2TT38RloJdkxnqcN_u018qXuDZXQdAivD6e-lJpTr-cTJdei3bAUnkGXxg1eu6lCa_MOS1G0vuQkeodORewRONqHjhnu0GcqtdUV6nku0ra1bnviRUxJdTTLseUDE date Wed, 01 Sep 2021 18:35:41 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame FAA9 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA1bvzohjwU5PHGfZdw8qsU&google_cver=1&google_push=AYg5qPIT8BTDr_nGNKPItterZrKiaCaSMWTteid3yYpvyDNT8CYcgwbfg0RTQ1kvdXGZLxW3f69... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwTlotUy1EVkIz&google_push=AYg5qPIT8BTDr_nGNKPItterZrKiaCaSMWTteid3yYpvyDNT8CYcgwbfg0RTQ1kvdXGZLxW3f6920Xfk_MW1VQ80mFry94hRqxfjNiO-u...	170 B 188 B	57ms 54ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwTlotUy1EVkIz&google_push=AYg5qPIT8BTDr_nGNKPItterZrKiaCaSMWTteid3yYpvyDNT8CYcgwbfg0RTQ1kvdXGZLxW3f6920Xfk_MW1VQ80mFry94hRqxfjNiO-uiu6sAiS-zupxroUj4ONFTo493gnQdvYUppf9zI Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwTlotUy1EVkIz&google_push=AYg5qPIT8BTDr_nGNKPItterZrKiaCaSMWTteid3yYpvyDNT8CYcgwbfg0RTQ1kvdXGZLxW3f6920Xfk_MW1VQ80mFry94hRqxfjNiO-uiu6sAiS-zupxroUj4ONFTo493gnQdvYUppf9zI Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 6f9fd0201ed801884e5299d5aabca094 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame FAA9 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thX...	0 0
GET H2	200	dot.gif googlecm.hit.gemius.pl/ Frame FAA9 Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEICCUNpmjHew4PnXWIwvrIk&google_cver=1&google_push=AYg5qPIRbgnoe2FnFrFLASir... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPIRbgnoe2FnFrFLASirwJ5k6dPGc5UOKF3F7oGjNvoqAZ3Kh7SXi_zhM-SN5WtSVNG2HHz2eLapUBgEizkIWRY2Z72Lcj6B7YnSAtoDTKNx4Bhq2t9VFS&googl... https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5	43 B 181 B	98ms 97ms	Image image/gif	217.182.200.19 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 217.182.200.19 , France, ASN16276 (OVH, FR), Reverse DNS gcm5.host.hit.gemius.pl Software GHC / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:39 GMT server GHC p3p CP="NOI DSP COR NID PSAo OUR IND" cache-control no-store, no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin accept-ranges none content-type image/gif content-length 43 expires Tue, 31 Aug 2021 18:35:39 GMT Redirect headers pragma no-cache date Wed, 01 Sep 2021 18:35:39 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://googlecm.hit.gemius.pl/dot.gif?id=pyM1l.MgAY658jQJ4ykHpoYhP_hR_2_qZ3eEDY6uHMX.C7&google_error=5 cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 304 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame FAA9	0 12 B	56ms 52ms	Image text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KtzdhBOS5Nfkq3cn1Dae5WxRifQLFmc7Ska9JbzAwT0TnrcRa4yUxlzx4hJtJZJJmpZl1b2g Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=3296992132&adk=339086087&adf=3862441920&pi=t.ma~as.3296992132&w=336&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337489&bpp=4&bdt=933&idt=190&shv=r20210830&mjsv=m202108310101&ptt=5&saldr=sa&prev_slotnames=7930526934%2C2430570645&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=3&uci=3.t45v6dcto2ds&fsb=1&dtd=194 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3-29	200	frame.html Show response ad4m.at/ Frame 7701	2 KB 2 KB	36ms 35ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4 Request headers :method GET :authority ad4m.at :scheme https :path /frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html x-guploader-uploadid ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ expires Wed, 01 Sep 2021 19:35:38 GMT last-modified Wed, 06 May 2020 15:09:30 GMT x-goog-generation 1588777770164783 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-stored-content-length 1681 content-language en x-goog-hash crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g== x-goog-storage-class MULTI_REGIONAL age 1818318 cache-control public, max-age=3600 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status HIT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ri3SkjShqVlDhINfhR77iVlBrLa5pL57k4W3y1Cj6qphM3KEL61OnyZL5fepRuw1SAGpOoOvDxjE8sGZ06xd98DjFeSKEF1sybUE7RJmcy%2F3I8s690WDcMl7GXfSFLI5ch4f7Rg%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6880997c2c284e9e-FRA content-encoding br
GET H3-29	200	frame.html Show response ad4m.at/ Frame E9B5	2 KB 2 KB	17ms 16ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4 Request headers :method GET :authority ad4m.at :scheme https :path /frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html x-guploader-uploadid ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ expires Wed, 01 Sep 2021 19:35:38 GMT last-modified Wed, 06 May 2020 15:09:30 GMT x-goog-generation 1588777770164783 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-stored-content-length 1681 content-language en x-goog-hash crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g== x-goog-storage-class MULTI_REGIONAL age 1818318 cache-control public, max-age=3600 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status HIT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zUpGDKu14g1JXfZebYrkCGzxAeiP7GNF5t0URgxG6IV4BIxOCTYeIPwSA%2BNKbNsQTN5pBu5x2tjmOjjBlqAuxrtzf%2BjK1cQgrLnuP6VMKcgcrVnCQyU0ZUKaa8b1xW7aNeM4DA4%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6880997c4c6d4e9e-FRA content-encoding br
GET H3-29	200	frame.html Show response ad4m.at/ Frame F865	2 KB 2 KB	17ms 17ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4 Request headers :method GET :authority ad4m.at :scheme https :path /frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html x-guploader-uploadid ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ expires Wed, 01 Sep 2021 19:35:38 GMT last-modified Wed, 06 May 2020 15:09:30 GMT x-goog-generation 1588777770164783 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-stored-content-length 1681 content-language en x-goog-hash crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g== x-goog-storage-class MULTI_REGIONAL age 1818318 cache-control public, max-age=3600 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status HIT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiEe8kR7RWbbiiMhbT8eL9ro%2FrUlTL3fx1giBEfy43HInrFbOvS4ml8uNUBj2dzaN%2F9EI550IPYRJiDCN2MwCv3p%2FsV9NpiFEpQOJ4nn1WNlqjRnfkWx9QRJ9m0yS6GQ7NuKIRY%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6880997c4c704e9e-FRA content-encoding br
GET H3-29	200	frame.html Show response ad4m.at/ Frame B553	2 KB 2 KB	16ms 15ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4 Request headers :method GET :authority ad4m.at :scheme https :path /frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html x-guploader-uploadid ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ expires Wed, 01 Sep 2021 19:35:38 GMT last-modified Wed, 06 May 2020 15:09:30 GMT x-goog-generation 1588777770164783 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-stored-content-length 1681 content-language en x-goog-hash crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g== x-goog-storage-class MULTI_REGIONAL age 1818318 cache-control public, max-age=3600 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status HIT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hzt8i6d%2BsOB3Ab3NtDIIVm%2BdVxug59Mky3mOppfRPQj5N77jbaMFVsQ%2B7jkIkXRPd8iKwj8mXlkfkvHKXtsfntfIzMK47MuCOVWAOC1SHbvjw3czI4y5%2BMXqHu%2FYt4pBlow%2Fvo%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6880997c4c794e9e-FRA content-encoding br
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame E206	64 KB 8 KB	18ms 17ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1hqy08b738z4f6dvm8ty0fnx2kyeqb67p0zzme6nbp7gd5qzz43nx1dqce2vxpc3k098rkrefzcx09tapf48wxztdffyg9k5mb5t4vw0spe71bj6f3cyyh0m07evz1yr849tae8s3rs1tdtcs62zjcxd57hxg68421a95zfbr26aenmxzzn4pnscrrx4kmmxg3vk7vxpm53k3qx9dvm9zt64y3nynbrdhhy19xpq3zc4asyjr22e2asg963yzh2jvz5qz3x0nrqnkpp5349wn8y5kp6njbkjvws0dsqbzkfejeywywbhvxa9pm1sazt7n686kebkzr1nkbjdrxr6nw69x5gd0ekwb3mhdp8jbsq5dgr8ks5zqmzh666f4fjetq9mve8mdx9vtz19gz1b99cb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/dr?ed=1hqy08b738z4f6dvm8ty0fnx2kyeqb67p0zzme6nbp7gd5qzz43nx1dqce2vxpc3k098rkrefzcx09tapf48wxztdffyg9k5mb5t4vw0spe71bj6f3cyyh0m07evz1yr849tae8s3rs1tdtcs62zjcxd57hxg68421a95zfbr26aenmxzzn4pnscrrx4kmmxg3vk7vxpm53k3qx9dvm9zt64y3nynbrdhhy19xpq3zc4asyjr22e2asg963yzh2jvz5qz3x0nrqnkpp5349wn8y5kp6njbkjvws0dsqbzkfejeywywbhvxa9pm1sazt7n686kebkzr1nkbjdrxr6nw69x5gd0ekwb3mhdp8jbsq5dgr8ks5zqmzh666f4fjetq9mve8mdx9vtz19gz1b99cb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%26client%3Dca-pub-4298256310626779%26adurl%3D User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997c5c8f4e9e-FRA cf-bgj minify
GET H3-29	200	fxpcopuw.js Show response ad4m.at/ Frame E206	36 KB 13 KB	27ms 26ms	Script application/javascript	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/fxpcopuw.js Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/dr?ed=1hqy08b738z4f6dvm8ty0fnx2kyeqb67p0zzme6nbp7gd5qzz43nx1dqce2vxpc3k098rkrefzcx09tapf48wxztdffyg9k5mb5t4vw0spe71bj6f3cyyh0m07evz1yr849tae8s3rs1tdtcs62zjcxd57hxg68421a95zfbr26aenmxzzn4pnscrrx4kmmxg3vk7vxpm53k3qx9dvm9zt64y3nynbrdhhy19xpq3zc4asyjr22e2asg963yzh2jvz5qz3x0nrqnkpp5349wn8y5kp6njbkjvws0dsqbzkfejeywywbhvxa9pm1sazt7n686kebkzr1nkbjdrxr6nw69x5gd0ekwb3mhdp8jbsq5dgr8ks5zqmzh666f4fjetq9mve8mdx9vtz19gz1b99cb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%26client%3Dca-pub-4298256310626779%26adurl%3D Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4f300e7fc0bc0e049e8620e1b8d85d1857b3a7af9492090f20f4b0366ef42353 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=fzoyzw==, md5=7HLiqqlHKRUcSK8SewDc4g== date Wed, 01 Sep 2021 18:35:38 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 47825 x-guploader-uploadid ADPycdvgEleYUeFGscVb0lrMQlg3MQt_JmYcEfEogyITI9SAsmXtjV5RyS6taC55N3cKf-H2_q4oBdNNeeBEKTQrCdY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding gzip alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 last-modified Tue, 31 Aug 2021 05:18:16 GMT server cloudflare etag W/"ec72e2aaa94729151c48af127b00dce2" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CdBfCQVESdad8SmEpxye3WKrBuyYj7iUl4lrahM5hYPmfeMFBM6hw8bwvAnSYt74QerFIdr02M5KjNo65zZ4kYynVb%2BhSL%2B01FLg3mI%2FhDGXnRH0eOaiA3fMFdj0Rrs5W8PDZ8%3D"}],"group":"cf-nel","max_age":604800} x-goog-generation 1628590096242097 content-type application/javascript; charset=utf-8 expires Wed, 01 Sep 2021 05:18:33 GMT cache-control public, max-age=3600, must-revalidate, stale-while-revalidate=300 x-goog-stored-content-length 11933 cf-ray 6880997c5c904e9e-FRA cf-bgj minify
GET H2	200	profile Show response cdn.syndication.twimg.com/timeline/ Frame F1E2	157 KB 11 KB	28ms 6ms	Script application/javascript	2606:2800:134:1a0d:1429:742:782:b6 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_BeyondHallyu_old&dnt=false&domain=beyondhallyu.com&lang=en&screen_name=BeyondHallyu&suppress_response_codes=true&t=1811690&tz=GMT%2B0200&with_replies=false Requested by Host: platform.twitter.com URL: http://platform.twitter.com/widgets.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6738) / Resource Hash ab54d5eab3d99610635cc689e6b0695ba0201880d72cd5ba0d3340fbfec9e163 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-encoding gzip x-content-type-options nosniff age 245 x-cache HIT content-disposition attachment; filename=jsonp.jsonp access-control-allow-methods GET vary Accept-Encoding content-length 11060 x-xss-protection 0 last-modified Wed, 01 Sep 2021 18:31:33 GMT server ECS (frb/6738) x-frame-options SAMEORIGIN strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type application/javascript;charset=utf-8 expires Wed, 01 Sep 2021 18:40:38 GMT cache-control must-revalidate, max-age=300 x-connection-hash 519ce93e45b6e869f8365f721a53aeade0ebc6ea5bc1a8c4d202e30121de32bb accept-ranges bytes timing-allow-origin * x-transaction b74ccdfe7a709e0f access-contol-allow-origin platform.twitter.com
GET H2	200	dpixel cms.quantserve.com/ Frame C647	35 B 464 B	257ms 62ms	Image image/gif	91.228.74.134 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEP-TgJtKUY3vOEM0QV-U-mA&google_cver=1&google_push=AYg5qPLg5yWB1CqM5bTuQ2Hxp6_bpRJMhAN113nwMOHVFTeq7eetPAeJDZQW0x2aLi2GMLyHs1CdOeVBm_ePfAdOO3s5yHswweQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame C647 Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEJkCImE9p54KDXzh8yp2g2A&google_cver=1&google_push=AYg5qPLtDYU2z5E5TG5oBJ9YiwgADMY0azsf5xvwtBBiD-yf28UmcoyUhulSVQBnytcIrIbRdvkS6AbPUXmqFyD7vZb6gk79p-s https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLtDYU2z5E5TG5oBJ9YiwgADMY0azsf5xvwtBBiD-yf28UmcoyUhulSVQBnytcIrIbRdvkS6AbPUXmqFyD7vZb6gk79p-s&google_hm=Q0FFU0VKa0NJbUU5cDU0S0...	170 B 188 B	60ms 59ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLtDYU2z5E5TG5oBJ9YiwgADMY0azsf5xvwtBBiD-yf28UmcoyUhulSVQBnytcIrIbRdvkS6AbPUXmqFyD7vZb6gk79p-s&google_hm=Q0FFU0VKa0NJbUU5cDU0S0RYemg4eXAyZzJB Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:38 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPLtDYU2z5E5TG5oBJ9YiwgADMY0azsf5xvwtBBiD-yf28UmcoyUhulSVQBnytcIrIbRdvkS6AbPUXmqFyD7vZb6gk79p-s&google_hm=Q0FFU0VKa0NJbUU5cDU0S0RYemg4eXAyZzJB Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame C647 Redirect Chain https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPINAbEwQRDGEowk65CFWJIX9jTWFP-6_HZdv09R2cSEhuRfI1R_jlZQrtrhBTrQ_OWzQ19UPJ2vKPy-tMDnlUMGufJygiQ https://rtb.openx.net/sync/dds?google_gid=CAESEFoVFeNiWI56PdVYytMhbCw&google_cver=1&google_push=AYg5qPINAbEwQRDGEowk65CFWJIX9jTWFP-6_HZdv09R2cSEhuRfI1R_jlZQrtrhBTrQ_OWzQ19UPJ2vKPy-tMDnlUMGufJygiQ&o... https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPINAbEwQRDGEowk65CFWJIX9jTWFP-6_HZdv09R2cSEhuRfI1R_jlZQrtrhBTrQ_OWzQ19UPJ2vKPy-tMDnlUMGufJygiQ&google_hm=6bCYhGluwbQZvfaWDGEhrw==	170 B 188 B	57ms 57ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPINAbEwQRDGEowk65CFWJIX9jTWFP-6_HZdv09R2cSEhuRfI1R_jlZQrtrhBTrQ_OWzQ19UPJ2vKPy-tMDnlUMGufJygiQ&google_hm=6bCYhGluwbQZvfaWDGEhrw== Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 01 Sep 2021 18:35:40 GMT via 1.1 google server Cowboy access-control-allow-origin null vary Origin p3p CP="CUR ADM OUR NOR STA NID" location https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPINAbEwQRDGEowk65CFWJIX9jTWFP-6_HZdv09R2cSEhuRfI1R_jlZQrtrhBTrQ_OWzQ19UPJ2vKPy-tMDnlUMGufJygiQ&google_hm=6bCYhGluwbQZvfaWDGEhrw== access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-request-id qva2vs6pd79eiekujr22usg8j7aqroh8
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame C647 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	63ms 57ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLGBKqP2RgRjoobZZxCxRe_R3EVlDvUcKxCDzD39xgc4BpZXLezon1pbC9wo2n-ypUVmELfdxnQ3b6m2A-krpy3qnOcFA Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:41 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=iQTvWEBuSZ-ujJDG40uj0Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLGBKqP2RgRjoobZZxCxRe_R3EVlDvUcKxCDzD39xgc4BpZXLezon1pbC9wo2n-ypUVmELfdxnQ3b6m2A-krpy3qnOcFA date Wed, 01 Sep 2021 18:35:41 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame C647 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA1bvzohjwU5PHGfZdw8qsU&google_cver=1&google_push=AYg5qPKmA-8x7RG0c151EK6VLQ7Jgb3vu4i-pRjfYEaTcJXkHcMIAapBQAGnSwom-LrKseoscej... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwUEotMjEtNEFaUA==&google_push=AYg5qPKmA-8x7RG0c151EK6VLQ7Jgb3vu4i-pRjfYEaTcJXkHcMIAapBQAGnSwom-LrKseoscej9PZTKgqzVWdNIwM6NscClZw	170 B 188 B	56ms 55ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwUEotMjEtNEFaUA==&google_push=AYg5qPKmA-8x7RG0c151EK6VLQ7Jgb3vu4i-pRjfYEaTcJXkHcMIAapBQAGnSwom-LrKseoscej9PZTKgqzVWdNIwM6NscClZw Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1QxVUIwUEotMjEtNEFaUA==&google_push=AYg5qPKmA-8x7RG0c151EK6VLQ7Jgb3vu4i-pRjfYEaTcJXkHcMIAapBQAGnSwom-LrKseoscej9PZTKgqzVWdNIwM6NscClZw Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 6f9fd0201ed801884e5299d5aabca094 Expires 0
GET		pixel cm.g.doubleclick.net/ Frame C647 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AY... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD... https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGD...	0 0
GET H3-29	200	pixel cm.g.doubleclick.net/ Frame C647 Redirect Chain https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEICCUNpmjHew4PnXWIwvrIk&google_cver=1&google_push=AYg5qPLtzqcG-oje2gJe-z3s... https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLtzqcG-oje2gJe-z3s_rwd8W_01eVOKJCzw5NYslXCNdgYb8k_JMld5PqJSZLnbQHTgBnJCLaTD0CjInF2RbMM6tKa3vSA&google_hm= https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLtzqcG-oje2gJe-z3s_rwd8W_01eVOKJCzw5NYslXCNdgYb8k_JMld5PqJSZLnbQHTgBnJCLaTD0CjInF2RbMM6tKa3vSA&google_hm=&google_tc=	170 B 188 B	58ms 54ms	Image image/png	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLtzqcG-oje2gJe-z3s_rwd8W_01eVOKJCzw5NYslXCNdgYb8k_JMld5PqJSZLnbQHTgBnJCLaTD0CjInF2RbMM6tKa3vSA&google_hm=&google_tc= Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers pragma no-cache date Wed, 01 Sep 2021 18:35:39 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Wed, 01 Sep 2021 18:35:39 GMT server HTTP server (unknown) p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" location https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPLtzqcG-oje2gJe-z3s_rwd8W_01eVOKJCzw5NYslXCNdgYb8k_JMld5PqJSZLnbQHTgBnJCLaTD0CjInF2RbMM6tKa3vSA&google_hm=&google_tc= cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 400 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	204	attr cm.g.doubleclick.net/pixel/ Frame C647	0 12 B	61ms 56ms	Image text/html	142.250.74.194 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_sdfUBGUgJDEwfKJcNeH7w8YrnJcktiREh5lMZLkIa8PQim08-14nEtL7LXksT1mN4DpvHg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4298256310626779&output=html&h=280&slotname=8391341337&adk=244431894&adf=2633765924&pi=t.ma~as.8391341337&w=336&psa=0&format=336x280&url=http%3A%2F%2Fbeyondhallyu.com%2Fgamest%2FHomeLogin%2F&ea=0&flash=0&wgl=1&dt=1630521337538&bpp=2&bdt=982&idt=220&shv=r20210830&mjsv=m202108310101&ptt=9&saldr=aa&prev_fmts=300x600&prev_slotnames=7930526934%2C2430570645%2C3296992132&correlator=2565102853045&frm=23&ife=1&pv=1&ga_vid=964598173.1630521337&ga_sid=1630521337&ga_hid=2038953934&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=3046591207&scr_x=0&scr_y=0&eid=42530530%2C44747620%2C31062423%2C31062297%2C31062094&oid=3&pvsid=1510762985781329&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32772&bc=23&ifi=5&uci=5.8ogocy1prokm&fsb=1&dtd=225 Protocol H3-29 Security QUIC, , AES_128_GCM Server 142.250.74.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s02-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H2	200	0SJ-PW6n pbs.twimg.com/card_img/1432350859761967106/ Frame 7C8C	5 KB 6 KB	82ms 8ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1432350859761967106/0SJ-PW6n?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6793) / Resource Hash 58e9af8db8d1bb8476acdc711161234b6c900c8e25dc5bce4043173a93a2e272 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 185277 x-cache HIT content-length 5467 surrogate-key card_img card_img/bucket/5 card_img/1432350859761967106 last-modified Mon, 30 Aug 2021 14:31:51 GMT server ECS (frb/6793) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash 6da303b34e8db0ddbe487655e0f88b031f1d61ad3ea289d1cfb6c1f4c03782ec accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	LAWLF65V pbs.twimg.com/card_img/1432159787022966784/ Frame 7C8C	6 KB 6 KB	81ms 8ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1432159787022966784/LAWLF65V?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6727) / Resource Hash ebbf3f5e4b3b6480b73dac5e88b969d34fddbbba2f82ab91c007d145c390ddca Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 215320 x-cache HIT content-length 6433 surrogate-key card_img card_img/bucket/7 card_img/1432159787022966784 last-modified Mon, 30 Aug 2021 01:52:36 GMT server ECS (frb/6727) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash c0c54e493d08536a7b5676b1004538571ae72e96694efb809cdc2d2443436637 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	vbnInxlM pbs.twimg.com/card_img/1430985916865146882/ Frame 7C8C	6 KB 6 KB	81ms 9ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1430985916865146882/vbnInxlM?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6762) / Resource Hash d6dd8ee6f1cfb49bf4ccff54a393e743e2f6e7badb4de792cecb118b7442cd4e Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 509392 x-cache HIT content-length 6421 surrogate-key card_img card_img/bucket/0 card_img/1430985916865146882 last-modified Thu, 26 Aug 2021 20:08:03 GMT server ECS (frb/6762) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash 92af1c299e547fe70eabc5aa02c6860f076bab34a4a2908aa5a2e329c7f14fbd accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	v0--wF5b pbs.twimg.com/card_img/1433009865056731136/ Frame 7C8C	10 KB 10 KB	81ms 9ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1433009865056731136/v0--wF5b?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67BE) / Resource Hash d2e2f5fe111af5176887096c495d784de500aa2b8a6d9d5e26f3447c9a5271cc Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 25401 x-cache HIT content-length 9893 surrogate-key card_img card_img/bucket/5 card_img/1433009865056731136 last-modified Wed, 01 Sep 2021 10:10:30 GMT server ECS (frb/67BE) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash b635cf57ecbe4bb8564b97e4727150ed6dd47bf666a8ba70f51bd985f64e9e6d accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	1OD9v7fX pbs.twimg.com/card_img/1431763370483634177/ Frame 7C8C	5 KB 6 KB	82ms 9ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1431763370483634177/1OD9v7fX?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67AA) / Resource Hash ebd8437e59b09b670b7d088c4f5f6a2228a3657a3f845121f6dfc2fad4376e6a Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 322641 x-cache HIT content-length 5482 surrogate-key card_img card_img/bucket/6 card_img/1431763370483634177 last-modified Sat, 28 Aug 2021 23:37:23 GMT server ECS (frb/67AA) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash 9cc3b6942655de9ca03198d91813ad8823fb2a2db097f767293c9d58e6c5f3ab accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	e2T4r1DE pbs.twimg.com/card_img/1430785085540913154/ Frame 7C8C	8 KB 8 KB	84ms 12ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1430785085540913154/e2T4r1DE?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6762) / Resource Hash 4b824c0cd401335e88f086a4721a7459f00f0b067da261ec8cdb4b703e590166 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 559818 x-cache HIT content-length 7776 surrogate-key card_img card_img/bucket/1 card_img/1430785085540913154 last-modified Thu, 26 Aug 2021 06:50:01 GMT server ECS (frb/6762) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash c882960fca28477964c2e9fd897e3f4881bf55b7456318d3ea5ef054d54aa049 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	ndQ5hvMu pbs.twimg.com/card_img/1430806323231219714/ Frame 7C8C	5 KB 5 KB	24ms 7ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1430806323231219714/ndQ5hvMu?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67AA) / Resource Hash 92c7019bde650d9028d77824d80248da233e74fc269db8aff0e8a3bcd1dc32a5 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 553794 x-cache HIT content-length 5173 surrogate-key card_img card_img/bucket/0 card_img/1430806323231219714 last-modified Thu, 26 Aug 2021 08:14:25 GMT server ECS (frb/67AA) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash ff691a7d3a5aacf94d8dd1d838528a16fa1273c33385cd7e855f4f69c0e9c937 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	r9RjyToF pbs.twimg.com/card_img/1430936784070840321/ Frame 7C8C	11 KB 11 KB	25ms 8ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1430936784070840321/r9RjyToF?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67C0) / Resource Hash d36e45f0f7301ba4bcf74bd3ab3da2104bc1721908446cc45a34e86da9e7cec6 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 511712 x-cache HIT content-length 10794 surrogate-key card_img card_img/bucket/0 card_img/1430936784070840321 last-modified Thu, 26 Aug 2021 16:52:49 GMT server ECS (frb/67C0) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash e6abbab284d1d5480a24dec5cfe646f81dcf96e3362faa3848cabea9daf74383 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	4HrUh6kU pbs.twimg.com/card_img/1432452712558481410/ Frame 7C8C	11 KB 11 KB	25ms 8ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1432452712558481410/4HrUh6kU?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6712) / Resource Hash d36e45f0f7301ba4bcf74bd3ab3da2104bc1721908446cc45a34e86da9e7cec6 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 158286 x-cache HIT content-length 10794 surrogate-key card_img card_img/bucket/5 card_img/1432452712558481410 last-modified Mon, 30 Aug 2021 21:16:35 GMT server ECS (frb/6712) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash d2fdc84894821970697ed62d52c417da81002de35dea83ad7c95550fded20d36 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	1f3b8.png abs.twimg.com/emoji/v2/72x72/ Frame 7C8C	1022 B 1 KB	78ms 6ms	Image image/png	2606:2800:233:8173:898f:63b3:95c3:79d2 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://abs.twimg.com/emoji/v2/72x72/1f3b8.png Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:8173:898f:63b3:95c3:79d2 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8F83) / Resource Hash 9024f30371f99e85fb48784b1bfab9b8d9b90e4e53713e4b5fb6612e34c6c5ae Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 5559048 x-ton-expected-size 1022 x-cache HIT content-length 1022 x-response-time 14 surrogate-key twitter-assets last-modified Wed, 19 Jun 2019 22:55:46 GMT server ECAcc (frc/8F83) etag "B1PDwKEHrVzsg+3BHlglBg==" strict-transport-security max-age=631138519 content-type image/png access-control-allow-origin * x-connection-hash 08d85e68315bcd2543cdf226683452c7 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com expires Thu, 01 Sep 2022 18:35:38 GMT
GET H2	200	cqLVFqVZ pbs.twimg.com/card_img/1432030299249344512/ Frame 7C8C	9 KB 9 KB	24ms 7ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/card_img/1432030299249344512/cqLVFqVZ?format=jpg&name=144x144_2 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/669E) / Resource Hash c8b9ebe236edbd3cc057cd77c8b4b2f5f90a436a6a0d4b98fca9ff6dee581d21 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 259917 x-cache HIT content-length 9187 surrogate-key card_img card_img/bucket/1 card_img/1432030299249344512 last-modified Sun, 29 Aug 2021 17:18:03 GMT server ECS (frb/669E) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash b0b59e82f0af2850e1455bda043b188159a8376205c1d8693667f8ca15357d14 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H3-29	200	frame.html Show response ad4m.at/ Frame FC25	2 KB 2 KB	64ms 15ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/frame.html Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4 Request headers :method GET :authority ad4m.at :scheme https :path /frame.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-site sec-fetch-mode navigate sec-fetch-dest iframe accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html x-guploader-uploadid ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ expires Wed, 01 Sep 2021 19:35:38 GMT last-modified Wed, 06 May 2020 15:09:30 GMT x-goog-generation 1588777770164783 x-goog-metageneration 2 x-goog-stored-content-encoding identity x-goog-stored-content-length 1681 content-language en x-goog-hash crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g== x-goog-storage-class MULTI_REGIONAL age 1818318 cache-control public, max-age=3600 alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status HIT expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMMVp8%2BI5HIEtzhOXbwfjCKpieI6y%2Fo0WRwkNEcr7lqNfOt64JIUtNPiTKe%2B9ye1QZ2evPCAsJV8VCksAldU0zXVYs2u8pMSDfekuc3YZSnJ0ZfbPfXMPSK0oH6b2t2iGaESF%2BQ%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary Accept-Encoding server cloudflare cf-ray 6880997d2e4b4e9e-FRA content-encoding br
POST H3-29	200	rs Show response ad4m.at/ Frame E530	1 KB 2 KB	37ms 35ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 489c503af343ae5f1a430196676d274500ecbd85cf3ccb233362a541712beb4c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers cf-ray 6880997d78f85b68-FRA date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVewFXftrg0PL6dUz%2B70B7qB%2BSEcOdtM7xDSkbdenTDzlTh1DTp2czKQbpbCDp%2BDYSvS5z%2FZyYFZkV28FZhCr7UQV9dq2x21VeceA6UguZaw6m%2B3gKAJXEb7CJ8CEKEAMvWkcSk%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 access-control-allow-credentials true content-encoding br x-backend-server aa-reachservice-group-europe-west1-vqgx
GET H/1.1	200 OK	timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css platform.twitter.com/css/ Frame 7C8C	53 KB 12 KB	8ms 6ms	Stylesheet text/css	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css Requested by Host: platform.twitter.com URL: http://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/673A) / Resource Hash 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:38 GMT Content-Encoding gzip Last-Modified Mon, 02 Aug 2021 20:33:36 GMT Server ECS (frb/673A) Age 4351 Etag "fb5a989a2b36d6be5344baad6a1936fd+gzip" Vary Accept-Encoding x-tw-cdn VZ P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin * Cache-Control public, max-age=315360000 X-Cache HIT Access-Control-Allow-Methods GET Content-Type text/css; charset=utf-8 Content-Length 12144
GET H/1.1	200 OK	timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css platform.twitter.com/css/ Frame F1E2	53 KB 53 KB	9ms 7ms	Image text/css	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://platform.twitter.com/css/timeline.32f7f89e2e680ebfe3f4cfefb27966ae.light.ltr.css Requested by Host: platform.twitter.com URL: http://platform.twitter.com/widgets.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/673A) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Date Wed, 01 Sep 2021 18:35:38 GMT Content-Encoding gzip Last-Modified Mon, 02 Aug 2021 20:33:36 GMT Server ECS (frb/673A) Age 4351 Etag "fb5a989a2b36d6be5344baad6a1936fd+gzip" Vary Accept-Encoding x-tw-cdn VZ P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Access-Control-Allow-Origin * Cache-Control public, max-age=315360000 X-Cache HIT Access-Control-Allow-Methods GET Content-Type text/css; charset=utf-8 Content-Length 12144
POST H3-29	200	rs Show response ad4m.at/ Frame AC03	1 KB 2 KB	34ms 30ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9ee31566516873e81cb99fec09717a57abbcaa06ae63cee404f058163e86c590 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers cf-ray 6880997d68d45b68-FRA date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NwJlD7HykPEh6JmHfhijUjhSnn2S0envxNU38vWiTrpEQz70JyzGzxDu3OzjqatHjuQaMse70NI50vEQUlB1vZVnztQtFzgBNbYR7ziFGpmunVGgYTOR6FMx2GbvfQiEEX4nZyI%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 access-control-allow-credentials true content-encoding br x-backend-server aa-reachservice-group-europe-west1-vqgx
POST H3-29	200	rs Show response ad4m.at/ Frame 2046	1 KB 2 KB	37ms 33ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4e8e8d305e821e19c9a1d6f202a061b1e4733a96bbf6bfe33eb9a1c6b0de875e Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers cf-ray 6880997d68d15b68-FRA date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Py76uFER9L5qDWodifBL5%2B8dmJ6poKSm9a9VEj5VBvBHt27eDcEGykDnRKDoLTFC8s80Ok3Nywkt2OzsAYN31Z6rsHJu%2BnK2TjNiGw%2Bisg1M95d4DWFAnOo1v2OfZl2r%2BbzJuAw%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 access-control-allow-credentials true content-encoding br x-backend-server aa-reachservice-group-europe-west1-vqgx
POST H3-29	200	rs Show response ad4m.at/ Frame EB49	1 KB 2 KB	34ms 32ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bd26400853f2f98cc07e58ffda20af7368dd6fe6a748215a19f1d3fb2e706777 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers cf-ray 6880997d78f55b68-FRA date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wDQxMVJJ5jp%2Bk6eGfqjG5Ic1IDSl%2Fs7oSg0WNKmm2RaEPpkU8oowaVL%2FiJfUYHm7Q8IEcycZLMc%2FhtM1V6Re2BUtqsvGLe%2BVohNhio3tpBhMrfrfsysLZMRVFsvscTROmY6lxcI%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 access-control-allow-credentials true content-encoding br x-backend-server aa-reachservice-group-europe-west1-vqgx
OPTIONS H3-29	200	rs ad4m.at/ Frame	0 0	95ms 42ms	Preflight text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3-29 Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://as.ad4m.at User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/plain content-length 24 access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true access-control-max-age 1800 access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-headers content-type allow HEAD,POST,GET,OPTIONS x-backend-server aa-reachservice-group-europe-west1-vqgx via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FAvFim5KzyegcBF%2F%2BAPhAgVnC8pAEeRY%2Ftx8PUF194ksLwBUfNMe9LaWHYQMnzQRBdpoBUGB2yUc5tMp1YwFRP%2BFJyUy%2Fzh61bzwtZsiKOOZGXxrw9qoRSycKaPkESA7MuvyUY%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6880997d284f5b68-FRA
OPTIONS H3-29	200	rs ad4m.at/ Frame	0 0	34ms 31ms	Preflight text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3-29 Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://as.ad4m.at User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/plain content-length 24 access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true access-control-max-age 1800 access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-headers content-type allow HEAD,POST,GET,OPTIONS x-backend-server aa-reachservice-group-europe-west1-vqgx via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8p9JNJIszzyHnL1bdwPosxlUmwZZb3SPv92LrnDOURXF5rM%2BB3hlW2gpz8e3cWNe2PKRqa6e1%2FnB2wucMqiX1cFFIfmTrZ2j1rq%2Fvlfg8AiD3npNlR3pNUn5uP1OiTWkS6ofNYc%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6880997d28575b68-FRA
OPTIONS H3-29	200	rs ad4m.at/ Frame	0 0	33ms 30ms	Preflight text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3-29 Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://as.ad4m.at User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/plain content-length 24 access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true access-control-max-age 1800 access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-headers content-type allow HEAD,POST,GET,OPTIONS x-backend-server aa-reachservice-group-europe-west1-vqgx via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2BiQiJ3dWn95g4rSn2FcawhyyODRMJMZhx6ZPePR7iI7AF7c02Rg9S8lg7x%2Fix9gCJEuS8aS1RD3Nlg%2FoQ9sN5Emw6wHxiwJXguBejRVu%2B5Yb%2BPV670Ujx0i%2FDaoBCCXwWV3WfA%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6880997d28525b68-FRA
OPTIONS H3-29	200	rs ad4m.at/ Frame	0 0	41ms 38ms	Preflight text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3-29 Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://as.ad4m.at User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/plain content-length 24 access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true access-control-max-age 1800 access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-headers content-type allow HEAD,POST,GET,OPTIONS x-backend-server aa-reachservice-group-europe-west1-vqgx via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AOi%2FeIlAgTwbGgRtJMdQK8tZGuWQqHaQ%2BiQ5af443GFtBI2rTO6zRco7qyioYXJ18%2FK1hqf6zNhtwgTSWcaQyW5F%2BxWvwUWNQ3jpRI%2Bnte8dGcu3PJc9jCv%2Fisuq0RxYCU134Ak%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6880997d28545b68-FRA
GET H2	200	oFR9U1Au_normal.jpg pbs.twimg.com/profile_images/1244978500802621440/ Frame 7C8C	2 KB 2 KB	25ms 7ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1244978500802621440/oFR9U1Au_normal.jpg Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6795) / Resource Hash 34f07cbe47a74d1d4f1c4237507543647959a8ddac8574c3ac842b599c39c722 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 131684 x-cache HIT content-length 2111 surrogate-key profile_images profile_images/bucket/1 profile_images/1244978500802621440 last-modified Tue, 31 Mar 2020 13:20:59 GMT server ECS (frb/6795) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash 423721ecca108ba3f7926ef51b7483de7d607729cf05723826613eebb92ff05a accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	R9OTEbrC_normal.png pbs.twimg.com/profile_images/619558609459003392/ Frame 7C8C	2 KB 3 KB	27ms 10ms	Image image/png	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/619558609459003392/R9OTEbrC_normal.png Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6752) / Resource Hash b69e271b3c9fea2d10b10cc7d20a93b7d4211ff0ebb1fe766393bf3b0875dbc1 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 219593 x-cache HIT content-length 2491 surrogate-key profile_images profile_images/bucket/2 profile_images/619558609459003392 last-modified Fri, 10 Jul 2015 17:25:37 GMT server ECS (frb/6752) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/png access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash d79987d63ec884243b310f2035374745a4040605d45e4f253c751de61c104e85 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	fvZrtkil_normal.jpg pbs.twimg.com/profile_images/1249826676739096581/ Frame 7C8C	2 KB 3 KB	27ms 10ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1249826676739096581/fvZrtkil_normal.jpg Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67A8) / Resource Hash ece787f5dbff43b9fdf2c5aaef1d3efd6b43b92ea0ca78ac70afb6afedf8170e Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 191110 x-cache HIT content-length 2415 surrogate-key profile_images profile_images/bucket/3 profile_images/1249826676739096581 last-modified Mon, 13 Apr 2020 22:25:55 GMT server ECS (frb/67A8) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash 750030787e805404cdc415d8ee68420f8821dda6819a2db02c92cc26d584895e accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	1ec52575410e65a819e369e0a213ad30_normal.jpeg pbs.twimg.com/profile_images/3354987733/ Frame 7C8C	1 KB 1 KB	28ms 10ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/3354987733/1ec52575410e65a819e369e0a213ad30_normal.jpeg Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/6794) / Resource Hash b5454e88f7d2dbbd702135e8935897c26d08004c60ca19fe75bc30b023fb47a5 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 6380 x-cache HIT content-length 1123 surrogate-key profile_images profile_images/bucket/0 profile_images/3354987733 last-modified Thu, 04 Nov 2010 01:42:54 GMT server ECS (frb/6794) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash fd441b54c94b124d75471caece5fa1e928060455226370499b7e316ee0534fec accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	85Zjj9JD_normal.jpg pbs.twimg.com/profile_images/1232540019665068032/ Frame 7C8C	2 KB 2 KB	28ms 10ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1232540019665068032/85Zjj9JD_normal.jpg Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/669E) / Resource Hash 2e1dd0b41b12d6853dd0fafbe98739f1165f948eff8851db707ebbdba7979360 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 254333 x-cache HIT content-length 1807 surrogate-key profile_images profile_images/bucket/9 profile_images/1232540019665068032 last-modified Wed, 26 Feb 2020 05:34:54 GMT server ECS (frb/669E) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash fb52ed84c4f5825e0cfc9d2bea91dc032b766a4170d7b64ec9188ddc906f4ecf accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	bwOL8VHO_normal.jpg pbs.twimg.com/profile_images/1383997738803630084/ Frame 7C8C	2 KB 2 KB	28ms 11ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/profile_images/1383997738803630084/bwOL8VHO_normal.jpg Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/668B) / Resource Hash e3e272e473bff97f63129461859760b9c59bb4ea502a3c05dfb81592647fe07e Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 516102 x-cache HIT content-length 1883 surrogate-key profile_images profile_images/bucket/0 profile_images/1383997738803630084 last-modified Mon, 19 Apr 2021 04:13:49 GMT server ECS (frb/668B) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash b4e510c633e559d4648707b11d87639d57276e935e48f1535aeb891058fac7a1 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	DL_SpaqU8AEf5DC pbs.twimg.com/media/ Frame 7C8C	51 KB 52 KB	15ms 13ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/DL_SpaqU8AEf5DC?format=jpg&name=small Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/668B) / Resource Hash 2ed0413c2da3485bc39f607db3c3a73b34eecfa45fc79aca67db0d3200b95621 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 354885 x-cache HIT content-length 52568 surrogate-key media media/bucket/3 media/918684457980194817 last-modified Fri, 13 Oct 2017 03:44:57 GMT server ECS (frb/668B) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash 3f552cfcf8b0a8267eaeb6b5bd81e9e9b7183e115607177c66793d138af8f1f6 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	DIYlqgzVoAENewT pbs.twimg.com/media/ Frame 7C8C	78 KB 78 KB	25ms 23ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/DIYlqgzVoAENewT?format=jpg&name=small Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67A7) / Resource Hash cb8ddb83b0f3bc2e505c7035a773f022adabfb3ca979dee8c2d960472d2d4754 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 16389 x-cache HIT content-length 79916 surrogate-key media media/bucket/2 media/902450187624357889 last-modified Tue, 29 Aug 2017 08:35:46 GMT server ECS (frb/67A7) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash efb0896dad3ec89f8521f0519189f1e76510460af80e5292328aa78977f001b1 accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	DIYlqgwUwAEZtXp pbs.twimg.com/media/ Frame 7C8C	87 KB 87 KB	19ms 17ms	Image image/jpeg	2606:2800:134:fa2:1627:1fe:edb:1665 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://pbs.twimg.com/media/DIYlqgwUwAEZtXp?format=jpg&name=small Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/67BC) / Resource Hash e7278786d7c4dde2714fc362bb0d2c07a89486e648426c257cdadba355015780 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT x-content-type-options nosniff age 245319 x-cache HIT content-length 88585 surrogate-key media media/bucket/7 media/902450187611717633 last-modified Tue, 29 Aug 2017 08:35:46 GMT server ECS (frb/67BC) strict-transport-security max-age=631138519 x-tw-cdn VZ, VZ content-type image/jpeg access-control-allow-origin * access-control-expose-headers Content-Length cache-control max-age=604800, must-revalidate x-connection-hash cd4538ae26fd527ea135ed624446319d75a5ee0ec0b4d78df6c0e551f932248e accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com
GET H2	200	syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css ton.twimg.com/tfw/css/ Frame 7C8C	44 KB 7 KB	39ms 7ms	Stylesheet text/css	2606:2800:233:7ee2:97c:ab4c:6c70:be36 EDGECAST
General Check archive.org Show headers Download Go to Full URL https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css Requested by Host: platform.twitter.com URL: http://platform.twitter.com/widgets.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FC6) / Resource Hash a549034009f79ead18a2154a8b730d8acb61e2f36c0434c0f9cff0f73df5d8cf Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-encoding gzip x-content-type-options nosniff age 540875 x-ton-expected-size 45170 x-cache HIT vary Accept-Encoding content-length 6839 x-response-time 8 surrogate-key tfw last-modified Tue, 14 May 2019 18:53:54 GMT server ECAcc (frc/8FC6) etag "4mhImCFS9rptiUICNnLD1g==" strict-transport-security max-age=631138519 content-type text/css access-control-allow-origin * x-connection-hash 401bcb343b2acbe3658c26f4dbec49080d73e774619c8fbae07a584afc2148fc accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com expires Wed, 08 Sep 2021 18:35:38 GMT
GET H2	200	syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css ton.twimg.com/tfw/css/ Frame F1E2	44 KB 44 KB	43ms 10ms	Image text/css	2606:2800:233:7ee2:97c:ab4c:6c70:be36 EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://ton.twimg.com/tfw/css/syndication_bundle_v1_73385286cca9d2256f6bf3993470820d4827b058.css Requested by Host: platform.twitter.com URL: http://platform.twitter.com/widgets.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:7ee2:97c:ab4c:6c70:be36 , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/8FC6) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=631138519 X-Content-Type-Options nosniff Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-encoding gzip x-content-type-options nosniff age 540875 x-ton-expected-size 45170 x-cache HIT vary Accept-Encoding content-length 6839 x-response-time 8 surrogate-key tfw last-modified Tue, 14 May 2019 18:53:54 GMT server ECAcc (frc/8FC6) etag "4mhImCFS9rptiUICNnLD1g==" strict-transport-security max-age=631138519 content-type text/css access-control-allow-origin * x-connection-hash 401bcb343b2acbe3658c26f4dbec49080d73e774619c8fbae07a584afc2148fc accept-ranges bytes timing-allow-origin https://twitter.com, https://mobile.twitter.com expires Wed, 08 Sep 2021 18:35:38 GMT
POST H3-29	200	rs Show response ad4m.at/ Frame E206	1 KB 2 KB	31ms 31ms	XHR text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f0850f83207b0df40865db9df406f1468b68c1c661e81d982c519e366ac92636 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Content-Type application/json Response headers cf-ray 6880997d99665b68-FRA date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgI5ndHI4BE22fh6cwfV0W6CMG7Sk12axjpZS91WmtdNA58wEeHs%2FLZAqjA1kKuF4xD4epCuLU5slRRh9CeTKB5%2BHf0%2FBBwdU1Q82KWS6BkxizwR8VbWbuMXS%2BRBuYnDb1xZHYc%3D"}],"group":"cf-nel","max_age":604800} content-type text/plain access-control-allow-origin https://as.ad4m.at alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 access-control-allow-credentials true content-encoding br x-backend-server aa-reachservice-group-europe-west1-vqgx
OPTIONS H3-29	200	rs ad4m.at/ Frame	0 0	35ms 30ms	Preflight text/plain	2606:4700:20::ac43:4a81 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ad4m.at/rs Protocol H3-29 Server 2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Method POST Access-Control-Request-Headers content-type Origin https://as.ad4m.at User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Sec-Fetch-Mode cors Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/plain content-length 24 access-control-allow-origin https://as.ad4m.at access-control-allow-credentials true access-control-max-age 1800 access-control-allow-methods GET,PATCH,POST,OPTIONS,DELETE access-control-allow-headers content-type allow HEAD,POST,GET,OPTIONS x-backend-server aa-reachservice-group-europe-west1-vqgx via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jOS6gAoinVOXAvuBCuUB0VwPKoLXDIEtfmWgNxzYo%2FBnzYug4MWchCCuOv6NmbYBiPqPlISRYXclWEh%2By7meU5qAwqOjGeUXsn2eOoVVd09kWW1XO7SmV6G%2BJb%2BUeexCho%2FIA%2Fg%3D"}],"group":"cf-nel","max_age":604800} nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare cf-ray 6880997d68ee5b68-FRA
GET H3-29	200	rar Show response as.ad4m.at/ad/ Frame E430	6 KB 4 KB	24ms 23ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6f9543ae1ed3979779f4d35869a0a072b15c3900c300c73b4a096637cff0ca74 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://as.ad4m.at/ad/dr?ed=1jqb3fa5159e5ec8gassgm9r0cafk5p1kpxcpg70mnbxbmp0qw6y03gqe93s87e70ygbpm1k0qvfq3qytsv5ckj501bkge668kqp9tmhn32n2esghjcymretcdsk4xj7qwtyeq8xs7m15j7rgfcnwyq5963ahwme9tqpt333sdvdvfgaj23k7d8taneyy6g7b45v6nxkt7vbzsfc2na22tvbt8fadpjzk6dv3trt9pzaktq5ws9npptjmkbrxrycmsz2as80f4vxcwbywvg01wq4yxbc7nweecg5ypm90mzh9w0p5hmjfctfreesyexrfbgh2cgmc0shqrhssq5xfjrf6jkkj2cz08z7nk6v32nkt00stbxzxvvzk7db39swef3pdrky9saq2cae6egrcszr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%26client%3Dca-pub-4298256310626779%26adurl%3D accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://as.ad4m.at/ad/dr?ed=1jqb3fa5159e5ec8gassgm9r0cafk5p1kpxcpg70mnbxbmp0qw6y03gqe93s87e70ygbpm1k0qvfq3qytsv5ckj501bkge668kqp9tmhn32n2esghjcymretcdsk4xj7qwtyeq8xs7m15j7rgfcnwyq5963ahwme9tqpt333sdvdvfgaj23k7d8taneyy6g7b45v6nxkt7vbzsfc2na22tvbt8fadpjzk6dv3trt9pzaktq5ws9npptjmkbrxrycmsz2as80f4vxcwbywvg01wq4yxbc7nweecg5ypm90mzh9w0p5hmjfctfreesyexrfbgh2cgmc0shqrhssq5xfjrf6jkkj2cz08z7nk6v32nkt00stbxzxvvzk7db39swef3pdrky9saq2cae6egrcszr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%26client%3Dca-pub-4298256310626779%26adurl%3D Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6880997daf764e9e-FRA content-encoding br
GET H3-29	200	rar Show response as.ad4m.at/ad/ Frame 25D4	6 KB 4 KB	23ms 23ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b4105b58565c7041253ee4e2682f6e80a6ceebfe071cee7817322b7cdf6b5766 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://as.ad4m.at/ad/dr?ed=1hcx3m45w97jv36td4jak0myaqwepy1bb4bd00gsfpb26k90h5mzxdbeb9zzz00eqtawjdrc1qzd13ry00edkttzmy3nfq1554y038p2ps7t881krhrmv0j69agakdwctpbw6999se8xtvfe2zr6gz5e5f1dyt14hcygmkcpysdbmg3rjthssvjdmedag146hht6145dwwj96kqjyqr6rjx3avwacr19f1e0y0m7kar6hmp7x95pnxs2bp74gm6y265zay9kznj7ssbd9p4zf7kndeb6rqj3gf820qdmzd0wpdv4rymz3sgw6b0xk4xfks1283vvtf3fsw2c8w1dhz00bxw4esdgs1vcakxza131qs0y4erz88c8vk023mp95m98xjd4mh3ja423mabgznnt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%26client%3Dca-pub-4298256310626779%26adurl%3D accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://as.ad4m.at/ad/dr?ed=1hcx3m45w97jv36td4jak0myaqwepy1bb4bd00gsfpb26k90h5mzxdbeb9zzz00eqtawjdrc1qzd13ry00edkttzmy3nfq1554y038p2ps7t881krhrmv0j69agakdwctpbw6999se8xtvfe2zr6gz5e5f1dyt14hcygmkcpysdbmg3rjthssvjdmedag146hht6145dwwj96kqjyqr6rjx3avwacr19f1e0y0m7kar6hmp7x95pnxs2bp74gm6y265zay9kznj7ssbd9p4zf7kndeb6rqj3gf820qdmzd0wpdv4rymz3sgw6b0xk4xfks1283vvtf3fsw2c8w1dhz00bxw4esdgs1vcakxza131qs0y4erz88c8vk023mp95m98xjd4mh3ja423mabgznnt&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%26client%3Dca-pub-4298256310626779%26adurl%3D Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6880997daf7f4e9e-FRA content-encoding br
GET H3-29	200	rar Show response as.ad4m.at/ad/ Frame 5BF2	6 KB 4 KB	25ms 25ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cc2f3139cbd954dc2ab38abc3811752f5b3fedc97f90f4d2042961c0f938e3eb Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://as.ad4m.at/ad/dr?ed=1gd4zzcnj8gpqv0xb6wg2ff336skp8gcws3bh0mcvtgq0qta2ppcyb71g7dpgve6vas8xxcnyr103krnf8kcpfdy7dz4wz3yxxegjt5k9bgeqvydratk6wkt0maa2mqjk2krve348qh5j2rxhdjyjhy868nzdy4yxcvavtmwcp1en3avtmm97wr29c8xgzp5dpy0t1f3mx3nj4c0wzrm8k4ezyynnrkcthy3xamtndshf4jrp8b7dqrrsx6evthde15gwny8x3r7sxhxpzwg3x752exvz25a4a8v9b7p72d7q5a48b0z0femym5779v3y8xgbqz5t28c4371x5pyh9c19vd9b20ea88e9nwgt6sdxzbywq2amjh3mpq9x77jyz254d0067aak9a2n4w75gr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%26client%3Dca-pub-4298256310626779%26adurl%3D accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://as.ad4m.at/ad/dr?ed=1gd4zzcnj8gpqv0xb6wg2ff336skp8gcws3bh0mcvtgq0qta2ppcyb71g7dpgve6vas8xxcnyr103krnf8kcpfdy7dz4wz3yxxegjt5k9bgeqvydratk6wkt0maa2mqjk2krve348qh5j2rxhdjyjhy868nzdy4yxcvavtmwcp1en3avtmm97wr29c8xgzp5dpy0t1f3mx3nj4c0wzrm8k4ezyynnrkcthy3xamtndshf4jrp8b7dqrrsx6evthde15gwny8x3r7sxhxpzwg3x752exvz25a4a8v9b7p72d7q5a48b0z0femym5779v3y8xgbqz5t28c4371x5pyh9c19vd9b20ea88e9nwgt6sdxzbywq2amjh3mpq9x77jyz254d0067aak9a2n4w75gr&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%26client%3Dca-pub-4298256310626779%26adurl%3D Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6880997daf884e9e-FRA content-encoding br
GET H3-29	200	rar Show response as.ad4m.at/ad/ Frame FCE0	6 KB 4 KB	27ms 27ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ee2bd3e50424ecd243b8cc21c6afb339d3f5b4e6c956c690dfd6d0f857b7c6a1 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://as.ad4m.at/ad/dr?ed=1j0tesh5eq5yhskad29ser4znk22230k99kpjtzjcegry68cbp1s0wxpme38x3gf206k6dwznj5hg3n5qtp41krz8v4j1992h63jmvfh949gsjvf4z4znyc68eacsder97k8berja7939d2pcdxwna07zhah0dhxef3xk0xps7dp2w3apx6w3qd7n8q66gmsgmw80728z4ktq33q83h2bm3t9b2fztbkwwpcqt95e1qqbwzpakrs848gjzqkh11z613858tbv7qhhevcc18ddrvqnt2tbzz3yxwqhgge9qmf67xh2bqr099t4xay6dxm9jecah358e9h0ss7n7kgpeejw7pnxpnv29vpbngasmmrg34vypzggyft15h6zkb8aya1s8a0yh89fw6kkqk9657p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%26client%3Dca-pub-4298256310626779%26adurl%3D accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://as.ad4m.at/ad/dr?ed=1j0tesh5eq5yhskad29ser4znk22230k99kpjtzjcegry68cbp1s0wxpme38x3gf206k6dwznj5hg3n5qtp41krz8v4j1992h63jmvfh949gsjvf4z4znyc68eacsder97k8berja7939d2pcdxwna07zhah0dhxef3xk0xps7dp2w3apx6w3qd7n8q66gmsgmw80728z4ktq33q83h2bm3t9b2fztbkwwpcqt95e1qqbwzpakrs848gjzqkh11z613858tbv7qhhevcc18ddrvqnt2tbzz3yxwqhgge9qmf67xh2bqr099t4xay6dxm9jecah358e9h0ss7n7kgpeejw7pnxpnv29vpbngasmmrg34vypzggyft15h6zkb8aya1s8a0yh89fw6kkqk9657p&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%26client%3Dca-pub-4298256310626779%26adurl%3D Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6880997dbf924e9e-FRA content-encoding br
GET H3-29	200	rar Show response as.ad4m.at/ad/ Frame 5AE5	6 KB 3 KB	25ms 24ms	Document text/html	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Requested by Host: ad4m.at URL: https://ad4m.at/fxpcopuw.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1cc7c151c1a85d62c26f986a292739a10f91073a53387ab779ef2abfc9b90f77 Security Headers Name Value Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority as.ad4m.at :scheme https :path /ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site same-origin sec-fetch-mode navigate sec-fetch-dest iframe referer https://as.ad4m.at/ad/dr?ed=1hqy08b738z4f6dvm8ty0fnx2kyeqb67p0zzme6nbp7gd5qzz43nx1dqce2vxpc3k098rkrefzcx09tapf48wxztdffyg9k5mb5t4vw0spe71bj6f3cyyh0m07evz1yr849tae8s3rs1tdtcs62zjcxd57hxg68421a95zfbr26aenmxzzn4pnscrrx4kmmxg3vk7vxpm53k3qx9dvm9zt64y3nynbrdhhy19xpq3zc4asyjr22e2asg963yzh2jvz5qz3x0nrqnkpp5349wn8y5kp6njbkjvws0dsqbzkfejeywywbhvxa9pm1sazt7n686kebkzr1nkbjdrxr6nw69x5gd0ekwb3mhdp8jbsq5dgr8ks5zqmzh666f4fjetq9mve8mdx9vtz19gz1b99cb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%26client%3Dca-pub-4298256310626779%26adurl%3D accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer https://as.ad4m.at/ad/dr?ed=1hqy08b738z4f6dvm8ty0fnx2kyeqb67p0zzme6nbp7gd5qzz43nx1dqce2vxpc3k098rkrefzcx09tapf48wxztdffyg9k5mb5t4vw0spe71bj6f3cyyh0m07evz1yr849tae8s3rs1tdtcs62zjcxd57hxg68421a95zfbr26aenmxzzn4pnscrrx4kmmxg3vk7vxpm53k3qx9dvm9zt64y3nynbrdhhy19xpq3zc4asyjr22e2asg963yzh2jvz5qz3x0nrqnkpp5349wn8y5kp6njbkjvws0dsqbzkfejeywywbhvxa9pm1sazt7n686kebkzr1nkbjdrxr6nw69x5gd0ekwb3mhdp8jbsq5dgr8ks5zqmzh666f4fjetq9mve8mdx9vtz19gz1b99cb&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%26client%3Dca-pub-4298256310626779%26adurl%3D Response headers date Wed, 01 Sep 2021 18:35:38 GMT content-type text/html; charset=utf-8 strict-transport-security max-age=86400; includeSubDomains; preload cache-control no-store, no-cache, must-revalidate, proxy-revalidate x-download-options noopen x-content-type-options nosniff report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} x-xss-protection 1; mode=block content-security-policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none' referrer-policy same-origin feature-policy geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self' nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} expires 0 surrogate-control no-store pragma no-cache via 1.1 google alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 6880997ddff14e9e-FRA content-encoding br
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame E430	64 KB 8 KB	25ms 20ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997df82e4e9e-FRA cf-bgj minify
GET H2	200	B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 assets.ad4m.at/logo/ Frame E430	18 KB 19 KB	51ms 28ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 249310 cf-polished origFmt=png, origSize=35453 x-guploader-uploadid ADPycdu2nByeXjfOPqT7lHlpnmMnylP_Z-2k3HhkuK50aTjzxwkOZcUSFNaqrm-tSEobBJU8iJM1Ek0-aWiub8kzNX0gGyoY0A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 18872 last-modified Mon, 18 May 2020 12:30:29 GMT server cloudflare etag "e18c9634cdd319e69c2765475f29cd13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wtbCKlGycI9qk2EHMZLSA3%2F7HG4LVUQIZhl884IC14GFKAJxH7aRo7oUna6tidlDwofST%2F72Qqn8VfuOMLvpFB%2BeQrNlK6B9JDhoOWjXf8m3C4g0HpbliTCogzzidPE7MGPsi6c1vdVqtLT6"}],"group":"cf-nel","max_age":604800} x-goog-generation 1589805029334103 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 35453 accept-ranges bytes cf-ray 6880997e0a794eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C assets.ad4m.at/product_image/ Frame E430	2 KB 2 KB	50ms 27ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507839 cf-polished origFmt=png, origSize=4031 x-guploader-uploadid ADPycduw6T2ge-dcMCB8q8PQRkN5ddfV5p1F05xdj5QIjyKx_lBHIAoQcv69zW7h0C0ikAUfnJqs8jpQ-4HqCJYqLcg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1598 last-modified Wed, 20 Jan 2021 17:03:56 GMT server cloudflare etag "7a3a98fe673db7b2502bd5c6d1316e2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebWfAd%2BEPDtOdkR0kvCDwFQNeTQNq2kRvJFAo1weB5eSyFh71JQRU9ymhP0%2Bw4r06IatpJ5KEBAaWQ3TNFEG8rCAkcJFYgewmWm6HLjkgcJANHm5FV%2FgBGFcFttOOJ77ZVIM3WVvUXIjYmVY"}],"group":"cf-nel","max_age":604800} x-goog-generation 1611162235947637 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 4031 accept-ranges bytes cf-ray 6880997e0a704eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame E430	43 B 705 B	208ms 69ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidIOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aXasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:38 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 assets.ad4m.at/logo/ Frame E430	38 KB 39 KB	41ms 18ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507159 cf-polished origFmt=png, origSize=44613 x-guploader-uploadid ADPycdtPzXlOqwPBuDjLXeT9INqbT1JQ4K2k-jWqmum-TWLhnCwpfCYxD6FfzMw5S2NgH5j7NXT7v42JG-PNGqGGzg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 39202 last-modified Wed, 22 Jan 2020 13:11:41 GMT server cloudflare etag "c2a4f822e5a831f3b5cab39c8bcae61d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWyVKHhyK%2BCmynzBlfwPmDo41WXlVSB52kVtM6xFuHiJ9Q7iGecDJpKM8iRWuMbQ18%2Bd2ttzl%2B4rIrkKsQ86qXB8G9hVhXTscq%2FTpGuCv0jdtBDPQcn5Hrr5yC%2FGky3237%2BQqDOwpFywYSVJ"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698701189315 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 44613 accept-ranges bytes cf-ray 6880997e0a6c4eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A assets.ad4m.at/ Frame E430	113 KB 113 KB	45ms 23ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 511143 cf-polished origFmt=png, origSize=136328 x-guploader-uploadid ADPycduj874xBwWers7A0rvM5jKeVfBW1MVoviMq067fpwP36KmZ5H_UxJMVWZkp4S1GZRvF8zE9V0jaBG58OyvE-DY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 115268 last-modified Tue, 29 Oct 2019 09:42:57 GMT server cloudflare etag "0357ac79cb3ff45b9d567eab80c7e34c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ChKIwE4%2F5awFjPmcYcAdMRwxNg9sIoRcjggLxW%2F0%2FFyVbzRelD5jJMA7rbpBOtCSqDEW3nwRqmBYr2X9maiJGW%2B5MRQYNGkwrSZh7ZMd8gDl55Arl43WOQ1s7sOrGwguxnR5FnOE0cjF8HE"}],"group":"cf-nel","max_age":604800} x-goog-generation 1572342177666668 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 136328 accept-ranges bytes cf-ray 6880997e0a734eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame E430	43 B 702 B	278ms 70ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidIOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aXasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:38 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 assets.ad4m.at/logo/ Frame E430	8 KB 9 KB	49ms 27ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 514302 cf-polished qual=85, origFmt=jpeg, origSize=16723 x-guploader-uploadid ADPycdsWB__4IqPBYYG7Kpds-Oh9NiwUdYDgeYBeMRDoFkaGpviNrqYfQBH9SobGtpzf_sMJli3KEJKiwZt5MukWKlUq4QX9PA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 8354 last-modified Wed, 22 Jan 2020 13:13:07 GMT server cloudflare etag "04cb7ec205cea351157aeffb998f3a85" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky2WzD1UDP5RMiKQj3VaE5a8kK6MUIJv0Mfnaz9VJSuGyiOn0zDm%2FSvyjCUZXTPRBC3EVCU6G2w%2F6Yiss52bhzSHl%2FLd7RIDZtpgYTtJMcmPNwfxM%2BQK5HXp66%2FzbbAq4%2B5F5Dk%2ForL3bY2o"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698787150900 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 16723 accept-ranges bytes cf-ray 6880997e0a754eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B assets.ad4m.at/product_image/ Frame E430	30 KB 30 KB	50ms 28ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 249513 cf-polished qual=85, origFmt=jpeg, origSize=81547 x-guploader-uploadid ADPycdshaSqQ24WpitH9jKkfFmURKTsmZPlBkDLtXQlt5GOx9BOsjNF_GQXRfV_MeQTdXbgICygfEUEbzTCJvQk7pGQTEMd_wQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 30226 last-modified Thu, 09 Apr 2020 08:50:22 GMT server cloudflare etag "f7c8b1c28756e1f042414e043a02e1fa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kpLSdVfq1jFha2dg4ep60Exh7qx3FTPjw%2B7ysom7aD5xiUJHKybF4XOEnUxLDTiuHbqpcfI%2B3IyaVQgIPv%2F1vO47oWKVHVfdrwjRsqMk7OtxlRI0C2wfcLXzhSRrg45TnlOazSbPaLQ5eifT"}],"group":"cf-nel","max_age":604800} x-goog-generation 1586422222365290 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 81547 accept-ranges bytes cf-ray 6880997e0a724eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200	/ banner.congstar.de/cookie/ Frame E430 Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%... https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKz8xam13vICFdkz4Aod8MAKog;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d... https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidIOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aXasuid__dc_reach_suite02wkz&gdpr_cons... https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67d90630-0b53-11ec-b04d-692d0ef87526	0 518 B	154ms 51ms	Image text/plain	148.251.139.77 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67d90630-0b53-11ec-b04d-692d0ef87526 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=600&e=IOeiVsbvCo8PnUJ4H5u1neOJuM8AL3aX&g=77166a1f4e8133725f7c2840fdc98fe7%2F9208703253488620407&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338478&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jaksd7hysvxcez9thbym00rpq5y17es6yktmrp1mkwcme6dnq6pj855mbhtx9dysbc7tf32fcex7c1q5xzxas6fnckbxmv6c5zp33dt2h0n46ra4g534ba4hj25j1d747xk3gzbt9h0xpya228zsrfsrtk9tn215x0crvcbn91zjtdwphxczk7zrz9tqc064mqapmjhcym9m7v5zcp1r81ms6j4n5s8mspkt1rfsq8p2nvh1h9k4vyxap86ja6sc3marfa7fy9qt%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC8E4B-ccvYdGVLZeD2fcPzJiGqAqQ4YGEXLaoworwAsCNtwEQASAAYJUCggEXY2EtcHViLTQyOTgyNTYzMTA2MjY3NzmgAcKu6N0DyAEJqQIDm66sB-KzPqgDAaoExwFP0HgpSvN-IjSLKDZJNTCkzkjmQRWzLinxv3tvH63ySBPHmW-9TpVgRbbDrLjKlOQi9NDF_TzX-DUxp_wa37PScU6V7g2gzvmbXQ2zAqXFrWo-Ew3CGAvSmahrKhSYLu_MfsYIObkRNQ92nCc0t77YBu7kC2xdWESdx9J1hWHkk0TDKDvoZRbFFAKI_wX4GkpcfXuD9-KNH34LekjFXvSL-ZTfe6lAxlrRXoQYBdgJdvGisHn9KEYdX96rERsHW-0kBooCvre1gAbjzKenhfGNsEqgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_07AXkgqBIBOZwanxB-EgYrzsBSTQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.77.139.251.148.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Server Apache P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 0 Redirect headers Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67d90630-0b53-11ec-b04d-692d0ef87526 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 25D4	64 KB 8 KB	23ms 20ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997df8334e9e-FRA cf-bgj minify
GET H2	200	B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 assets.ad4m.at/logo/ Frame 25D4	18 KB 19 KB	44ms 23ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 249310 cf-polished origFmt=png, origSize=35453 x-guploader-uploadid ADPycdu2nByeXjfOPqT7lHlpnmMnylP_Z-2k3HhkuK50aTjzxwkOZcUSFNaqrm-tSEobBJU8iJM1Ek0-aWiub8kzNX0gGyoY0A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 18872 last-modified Mon, 18 May 2020 12:30:29 GMT server cloudflare etag "e18c9634cdd319e69c2765475f29cd13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6D13UkIoGlnGZk7ovJKKUyzg7W1r1Tzt2UVLM3P2vBHFBe5bR00Z%2FJU4p95qyxZXY8zWEqRQM%2B%2BXLSqOvFraC53fUn4%2Bhqnr1bnVOUcSF2OAIs%2BoGKkppiEeOeXQa1yB8x6xg6RhmdQ1Z4L0"}],"group":"cf-nel","max_age":604800} x-goog-generation 1589805029334103 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 35453 accept-ranges bytes cf-ray 6880997e0a6d4eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C assets.ad4m.at/product_image/ Frame 25D4	2 KB 2 KB	37ms 19ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507839 cf-polished origFmt=png, origSize=4031 x-guploader-uploadid ADPycduw6T2ge-dcMCB8q8PQRkN5ddfV5p1F05xdj5QIjyKx_lBHIAoQcv69zW7h0C0ikAUfnJqs8jpQ-4HqCJYqLcg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1598 last-modified Wed, 20 Jan 2021 17:03:56 GMT server cloudflare etag "7a3a98fe673db7b2502bd5c6d1316e2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5qAoRfzD%2BLvE4L6nnop8XR6jn%2Fi%2FavUCpmMV2lhK5urXdHGwb4RCBSieWTDtTpcM6dxh574kUkB1nwsFhjLlqSPNkUEnS%2BkdEUfb5Z9p9L%2FxclC2zcDQ0RpPWZScu%2F7yBrwevJ2tvPQ5KHs"}],"group":"cf-nel","max_age":604800} x-goog-generation 1611162235947637 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 4031 accept-ranges bytes cf-ray 6880997e0a694eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 25D4	43 B 705 B	343ms 67ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidxab-IzyrCsTfxTmqu2VYgJsXsAP7fK9sasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:38 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 assets.ad4m.at/logo/ Frame 25D4	38 KB 39 KB	45ms 25ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507159 cf-polished origFmt=png, origSize=44613 x-guploader-uploadid ADPycdtPzXlOqwPBuDjLXeT9INqbT1JQ4K2k-jWqmum-TWLhnCwpfCYxD6FfzMw5S2NgH5j7NXT7v42JG-PNGqGGzg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 39202 last-modified Wed, 22 Jan 2020 13:11:41 GMT server cloudflare etag "c2a4f822e5a831f3b5cab39c8bcae61d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zND7OGTNzJM5R1P4UIxe4YjHCWAoE2T3oVR0utvIxczenupWNvw5%2BgIWyoLDtTLVB%2Bx4GY85LbF6wuYIzJNHf0a1oKyxfa2qgeknriTiO3kwsd9CCazTXeUUN0u7l36S1aro6ebn%2Bf7B%2FyLV"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698701189315 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 44613 accept-ranges bytes cf-ray 6880997e0a844eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A assets.ad4m.at/ Frame 25D4	113 KB 113 KB	44ms 26ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 511143 cf-polished origFmt=png, origSize=136328 x-guploader-uploadid ADPycduj874xBwWers7A0rvM5jKeVfBW1MVoviMq067fpwP36KmZ5H_UxJMVWZkp4S1GZRvF8zE9V0jaBG58OyvE-DY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 115268 last-modified Tue, 29 Oct 2019 09:42:57 GMT server cloudflare etag "0357ac79cb3ff45b9d567eab80c7e34c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4nF04LXuLezaec796NJ2Q%2BB7dgyZcE4LgdKlIdsfQT5ka8qtCepyR8B12z2Hf%2BcCeZO1Fl7iUugka4ZYMZx5U1K%2FZMdymgykdueWSpBEO9BV9%2F2YDn%2FKRy2vWPziI0bT8M20HqfEZ%2F96tfoO"}],"group":"cf-nel","max_age":604800} x-goog-generation 1572342177666668 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 136328 accept-ranges bytes cf-ray 6880997e0a864eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 25D4	43 B 702 B	406ms 66ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidxab-IzyrCsTfxTmqu2VYgJsXsAP7fK9sasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:38 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 assets.ad4m.at/logo/ Frame 25D4	8 KB 9 KB	43ms 26ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 514302 cf-polished qual=85, origFmt=jpeg, origSize=16723 x-guploader-uploadid ADPycdsWB__4IqPBYYG7Kpds-Oh9NiwUdYDgeYBeMRDoFkaGpviNrqYfQBH9SobGtpzf_sMJli3KEJKiwZt5MukWKlUq4QX9PA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 8354 last-modified Wed, 22 Jan 2020 13:13:07 GMT server cloudflare etag "04cb7ec205cea351157aeffb998f3a85" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddMhrjUCsLwgYGDtjIpdEqHSveMvytfJb0RDARss%2FlAH7PBXjZfc%2Fai%2ByG0L1Q3Teuv30Xk0qhewdijSvCoyprNxzYEk6j2Uj3AKtxcqma0VFFQ8GAjoyn4nCh52YPH1VwwSVkK7j%2B%2B6LOgw"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698787150900 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 16723 accept-ranges bytes cf-ray 6880997e0a884eeb-FRA cf-bgj imgq:85,h2pri
GET H3-29	200	F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485 assets.ad4m.at/ Frame 25D4	35 KB 36 KB	64ms 25ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 602570 cf-polished qual=85, origFmt=jpeg, origSize=40264 x-guploader-uploadid ADPycdshetqKJwndrHOH-lFCXPqJhWewdUcIkQfLaob_OeIRhD69yNjft6_UWg4G8QIF6IJwHcgiACP4KXnOYTeFqnE x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 35504 last-modified Wed, 19 Feb 2020 17:37:15 GMT server cloudflare etag "9eb405de815dd9d9e1f1e47322ddf6dc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T5xBYjofGAhfUbs3c5NCrh3QX59VIwsvnlHOghgYxlt2M7uejql6L%2BHqXPNIqYRshpQARaxLu%2F0M%2B3KHAOZDajVQzqUQM%2F0YS9PodwuOHC8MZjkH7E7unbqtGI61fXJK0mRsaBCFjxBYc%2B%2BR"}],"group":"cf-nel","max_age":604800} x-goog-generation 1582133835673152 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 40264 accept-ranges bytes cf-ray 6880997e38e74e9e-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200	/ banner.congstar.de/cookie/ Frame 25D4 Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%... https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CKiBxqm13vICFYLSdwodRYgGcA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d... https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidxab-IzyrCsTfxTmqu2VYgJsXsAP7fK9sasuid__dc_reach_suite02wkz&gdpr_cons... https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_6804d121-0b53-11ec-b04d-692d0ef87526	0 517 B	51ms 50ms	Image text/plain	148.251.139.77 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_6804d121-0b53-11ec-b04d-692d0ef87526 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=xab-IzyrCsTfxTmqu2VYgJsXsAP7fK9s&g=21cb8c61b94290cdcd0adcbdeb997622%2F3839890826679373749&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338480&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g7dpzdjb7evwn3wkx93k5y4zddd12w9xapemk0jx7vnxsx888wp8rc9a6jrte56n0r1vvv5mw2vdynhqfb1dv4nevjgve38qykfr5pjpm6aexk1zw3jgw3ftx3cevx6x3tydxqsn122hx621nkcefrw24nymjj4qbnna9zhpsz10ve604zr7kcd052r3jt5kyq5adz0qrcatgyf6sc6ygq4r8v1jtgb18011hgshs8fc3nps4ajq8q019d7a5b5zxp7jse0rsbcj%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCWzHD-ccvYb7WKqKKzAbo-aGIBpDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTHAU_Q6ajeNgcQ4xxNEnjkxEEUQMPEODu569xiZYbbGFsg5iUjDo1yDiHnOOMsfjsk2ZMKENoiTfkMhMiUMyMjxeWCU3uMsZzLP_dk18HHxF619a2g5HkIg-K_Do6gOKEINoqFDT5FoF0bLEpyddTOnDyW-bAzcfnrWe58vjHpXGhI5bl2K5K_HAzx6ZSvSrDunBNrWlEazUtV2mhKtuMcjEsUMDE5oxbHlfG38YHf14eNr_WZnrpmxwcgt-armFTnFxLoczOZFYmABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1wD4rfS2VwQbPVIP_BPm7L2-vtJg%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.77.139.251.148.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Server Apache P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=97 Content-Length 0 Redirect headers Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_6804d121-0b53-11ec-b04d-692d0ef87526 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 5BF2	64 KB 8 KB	38ms 29ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997e087a4e9e-FRA cf-bgj minify
GET H2	200	B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 assets.ad4m.at/logo/ Frame 5BF2	18 KB 19 KB	76ms 47ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 249310 cf-polished origFmt=png, origSize=35453 x-guploader-uploadid ADPycdu2nByeXjfOPqT7lHlpnmMnylP_Z-2k3HhkuK50aTjzxwkOZcUSFNaqrm-tSEobBJU8iJM1Ek0-aWiub8kzNX0gGyoY0A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 18872 last-modified Mon, 18 May 2020 12:30:29 GMT server cloudflare etag "e18c9634cdd319e69c2765475f29cd13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HsKR%2Fwn6zvw%2FILj312MjB4WQ%2BWnE8JtkMZpkDN%2BU8%2FdwxqmeM7IrnslVIf0oWjsYOf0XgRPeXWFmW7ZVbbi1PSGF6Tb8dybph8%2FT0gcvb%2BZTz%2FotB2YBE4wzsERth1LgwBZqgynwy53IVoJe"}],"group":"cf-nel","max_age":604800} x-goog-generation 1589805029334103 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 35453 accept-ranges bytes cf-ray 6880997e3ac94eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C assets.ad4m.at/product_image/ Frame 5BF2	2 KB 2 KB	71ms 43ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507839 cf-polished origFmt=png, origSize=4031 x-guploader-uploadid ADPycduw6T2ge-dcMCB8q8PQRkN5ddfV5p1F05xdj5QIjyKx_lBHIAoQcv69zW7h0C0ikAUfnJqs8jpQ-4HqCJYqLcg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1598 last-modified Wed, 20 Jan 2021 17:03:56 GMT server cloudflare etag "7a3a98fe673db7b2502bd5c6d1316e2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=poK2uKF6VPeKCWjcbumbLLivDYd9xilLZbMGGTUN7vOgUla2dTFn9jRHfMfcY5DZrtDg8n1%2FUw5oKh1Blj6tFfV2d%2FV3%2FoKlOKRa8BE1crK%2B%2Fo2auvOzTONwPMO6Zy67TNHKYzqkzcFUOTkH"}],"group":"cf-nel","max_age":604800} x-goog-generation 1611162235947637 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 4031 accept-ranges bytes cf-ray 6880997e3aca4eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 5BF2	43 B 705 B	466ms 69ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidMInmF05_CaZFcRpKv2H_2EewNtCCUBaNasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:38 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 assets.ad4m.at/logo/ Frame 5BF2	38 KB 39 KB	73ms 45ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507159 cf-polished origFmt=png, origSize=44613 x-guploader-uploadid ADPycdtPzXlOqwPBuDjLXeT9INqbT1JQ4K2k-jWqmum-TWLhnCwpfCYxD6FfzMw5S2NgH5j7NXT7v42JG-PNGqGGzg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 39202 last-modified Wed, 22 Jan 2020 13:11:41 GMT server cloudflare etag "c2a4f822e5a831f3b5cab39c8bcae61d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUuLxbXtBvJQ4OadNBsUqnbg2nhM10HX7vTyoulMlNlaiT99%2B6AuVIxC0kilWlljDuhyq4tLg4%2FUe9dgZW4kYgsvq3BM1B77XaamhFSWrbQ7tfnKskR9jqiQy2UOk5tojVYrMDuKHu%2ForXXn"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698701189315 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 44613 accept-ranges bytes cf-ray 6880997e3acc4eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A assets.ad4m.at/ Frame 5BF2	113 KB 113 KB	63ms 35ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 511143 cf-polished origFmt=png, origSize=136328 x-guploader-uploadid ADPycduj874xBwWers7A0rvM5jKeVfBW1MVoviMq067fpwP36KmZ5H_UxJMVWZkp4S1GZRvF8zE9V0jaBG58OyvE-DY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 115268 last-modified Tue, 29 Oct 2019 09:42:57 GMT server cloudflare etag "0357ac79cb3ff45b9d567eab80c7e34c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRPdYFDlZrwIbOxMQIy8ALssvQMXVW8EesL1c5vIMEWo9tKD2W%2F6jLm43yVL5y%2FvZ5A%2BuSbRdO0k4fyc4mtpUUoi%2FkT5SzlYFSb7wupSB4LrUFC9D3tdHUnNONLVgrNFtPdmH3pB6masoHXx"}],"group":"cf-nel","max_age":604800} x-goog-generation 1572342177666668 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 136328 accept-ranges bytes cf-ray 6880997e3acd4eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 5BF2	43 B 702 B	534ms 65ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidMInmF05_CaZFcRpKv2H_2EewNtCCUBaNasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 assets.ad4m.at/logo/ Frame 5BF2	8 KB 9 KB	74ms 46ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 514302 cf-polished qual=85, origFmt=jpeg, origSize=16723 x-guploader-uploadid ADPycdsWB__4IqPBYYG7Kpds-Oh9NiwUdYDgeYBeMRDoFkaGpviNrqYfQBH9SobGtpzf_sMJli3KEJKiwZt5MukWKlUq4QX9PA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 8354 last-modified Wed, 22 Jan 2020 13:13:07 GMT server cloudflare etag "04cb7ec205cea351157aeffb998f3a85" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FyVTOVbMm4VoTTYIcaN14QzJ6TkC%2FWnumeOrSP%2FZCGjJhAxj%2Fbnyl%2BHxycuTzeChtrRAcQmO97U054rczpwQWKCDk49XEZXwV3m%2BrHv%2FdMXd7WmlSTiO28Kc6WUZfw%2FqSOsS00tpZPJW1cOn"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698787150900 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 16723 accept-ranges bytes cf-ray 6880997e3ace4eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B assets.ad4m.at/product_image/ Frame 5BF2	30 KB 30 KB	63ms 35ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 249513 cf-polished qual=85, origFmt=jpeg, origSize=81547 x-guploader-uploadid ADPycdshaSqQ24WpitH9jKkfFmURKTsmZPlBkDLtXQlt5GOx9BOsjNF_GQXRfV_MeQTdXbgICygfEUEbzTCJvQk7pGQTEMd_wQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 30226 last-modified Thu, 09 Apr 2020 08:50:22 GMT server cloudflare etag "f7c8b1c28756e1f042414e043a02e1fa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFlmqeQzwwgaNzNq7VN4tGrk%2B2wHhQGJTBLsw4ngEV2p7GylgaObNaRI1E7r%2BAtiHmr4wI2PVuJylUlqL7zs0YTqOf9BCs6guhkQcjuWXDhrCjnEnczQlwvrJ95iQciM1pAl2MYP%2Fnzu5il9"}],"group":"cf-nel","max_age":604800} x-goog-generation 1586422222365290 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 81547 accept-ranges bytes cf-ray 6880997e3acf4eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200	/ banner.congstar.de/cookie/ Frame 5BF2 Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%... https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CNiBxqm13vICFVRN4AodE8kL9w;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d... https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__asuidMInmF05_CaZFcRpKv2H_2EewNtCCUBaNasuid__dc_reach_suite02wkz&gdpr_cons... https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67fabf00-0b53-11ec-9917-692d0f70657e	0 517 B	50ms 50ms	Image text/plain	148.251.139.77 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67fabf00-0b53-11ec-9917-692d0f70657e Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=728&d=90&e=MInmF05_CaZFcRpKv2H_2EewNtCCUBaN&g=e739bab853e479dc33ee98637b984eae%2F198757594679245095&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338489&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jcrq339m6f2kafkmq316x7yfv6cs0f088g79h6wk2m3wtma4a54b1f10gxwbh1rgeexccg6mpk5hg0q0asd9sztcbxcc8p3n5wj793n3jjhs65mcmfm706qntxmykbcq0nxc2vyec9w7ktmrh8mbp2wq9kf2dek0fy5g5wwgtsz3f3vsk6cjx50tnqke4mbhnwz41f2xjmytxkmn8r8yknypvh2t7yje706c4fqf8b8hj3ma7nrcj4p9q2d3vqh1wjwyesvx9jw2%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCjT7Q-ccvYcTcJ4-e-wbe467wCJDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAkRdscZp3rM-qAMBqgTGAU_QwGxrHvfElCQXZL7vCXohidUAcO8FLkRORdPLC3cB4iI0k4mcA0NcKnkId7_Y9KCcyr8D6Lno7yocBMQ-4QvrENGGrxtG373w92BNkuPoMFMxtMI4lcVgrH_ZVH-kuCSBHpWq1FqVgIhy7EXP9sMeVOMCxMISIu4xWD6MYixa6FTl0tE45KvDxg8b-OPGURWOTdCMnYKxheMkShI9zhKMD6RDgS_0PwTj-4B_NV3ebX7KamV2Laisnlezoa1GQ5gJ1Rj7HYAGv8uJxrfT-dFboAYhqAemvhuoB_DZG6gH8tkbqAfs1RuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_2Pc90N09CQiBYOXwu65eOA32Z_4w%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.77.139.251.148.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Server Apache P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=98 Content-Length 0 Redirect headers Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67fabf00-0b53-11ec-9917-692d0f70657e Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame FCE0	64 KB 8 KB	39ms 31ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997e087b4e9e-FRA cf-bgj minify
GET H2	200	B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 assets.ad4m.at/logo/ Frame FCE0	18 KB 19 KB	74ms 41ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 249310 cf-polished origFmt=png, origSize=35453 x-guploader-uploadid ADPycdu2nByeXjfOPqT7lHlpnmMnylP_Z-2k3HhkuK50aTjzxwkOZcUSFNaqrm-tSEobBJU8iJM1Ek0-aWiub8kzNX0gGyoY0A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 18872 last-modified Mon, 18 May 2020 12:30:29 GMT server cloudflare etag "e18c9634cdd319e69c2765475f29cd13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uX6tUc2E324gVSm9DK3Wx49esIN2sR%2FHrKETS1PNwXjSZWupEmiRDYGg1kaKR8it3eqFxfvLz60XojnPPrpasV2DdcOj418PdyOzgGMa6kS%2BICJDSW3B8gUObgaU3tpZfL%2BD%2FvbMtF%2BuFXAQ"}],"group":"cf-nel","max_age":604800} x-goog-generation 1589805029334103 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 35453 accept-ranges bytes cf-ray 6880997e3ad44eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C assets.ad4m.at/product_image/ Frame FCE0	2 KB 2 KB	72ms 39ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507839 cf-polished origFmt=png, origSize=4031 x-guploader-uploadid ADPycduw6T2ge-dcMCB8q8PQRkN5ddfV5p1F05xdj5QIjyKx_lBHIAoQcv69zW7h0C0ikAUfnJqs8jpQ-4HqCJYqLcg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1598 last-modified Wed, 20 Jan 2021 17:03:56 GMT server cloudflare etag "7a3a98fe673db7b2502bd5c6d1316e2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vw18JK7UQ7w4zytfjeMabTmlpEg1igOQORCWqqGM8JLpXif06xSYVgdhXZoQrd8yXddAmcfBqB7ufI%2B8rqTrceeSGJR5BeUqjfFpzVYqYh5pPhzuAAyraQaEsw0J9niCrZrLXbTsIXXHYIY4"}],"group":"cf-nel","max_age":604800} x-goog-generation 1611162235947637 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 4031 accept-ranges bytes cf-ray 6880997e3ad54eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame FCE0	43 B 705 B	600ms 67ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__asuidYE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrkasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 assets.ad4m.at/logo/ Frame FCE0	38 KB 39 KB	70ms 37ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507159 cf-polished origFmt=png, origSize=44613 x-guploader-uploadid ADPycdtPzXlOqwPBuDjLXeT9INqbT1JQ4K2k-jWqmum-TWLhnCwpfCYxD6FfzMw5S2NgH5j7NXT7v42JG-PNGqGGzg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 39202 last-modified Wed, 22 Jan 2020 13:11:41 GMT server cloudflare etag "c2a4f822e5a831f3b5cab39c8bcae61d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wwm3E4PKRr1uuWC1zOnEqBrJbI2FD8SXXaAR8RR%2BgjPaBg5YS62dJwNQXN1sNUBqefyYqQS%2FEj%2BLO20TsVoT1mlpNoaVT0SowwgK%2FPSxdbhNTP3BtJkgDBcFzHekEI8Ahb6rx4jYb%2FiCFORi"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698701189315 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 44613 accept-ranges bytes cf-ray 6880997e3ad64eeb-FRA cf-bgj imgq:85,h2pri
GET H2	200	69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A assets.ad4m.at/ Frame FCE0	113 KB 113 KB	72ms 40ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 511143 cf-polished origFmt=png, origSize=136328 x-guploader-uploadid ADPycduj874xBwWers7A0rvM5jKeVfBW1MVoviMq067fpwP36KmZ5H_UxJMVWZkp4S1GZRvF8zE9V0jaBG58OyvE-DY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 115268 last-modified Tue, 29 Oct 2019 09:42:57 GMT server cloudflare etag "0357ac79cb3ff45b9d567eab80c7e34c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k5Bq39kyXk3X640ydOx9i5UxSg2hIqjnDdf5HKOxWyiFdqWTnk1CC1ylPhgz9Hntp8ww%2BuRMUumJ0ysoOPl%2BMJ5eK5UGL3EQ1BGs%2BfaRluomWMeBJyQh01Mdo%2Fgqa9PcG1C3Si9oPdRSPTH3"}],"group":"cf-nel","max_age":604800} x-goog-generation 1572342177666668 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 136328 accept-ranges bytes cf-ray 6880997e3ad84eeb-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame FCE0	43 B 702 B	673ms 69ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__asuidYE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrkasuid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H2	200	188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 assets.ad4m.at/logo/ Frame FCE0	8 KB 9 KB	72ms 40ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 514302 cf-polished qual=85, origFmt=jpeg, origSize=16723 x-guploader-uploadid ADPycdsWB__4IqPBYYG7Kpds-Oh9NiwUdYDgeYBeMRDoFkaGpviNrqYfQBH9SobGtpzf_sMJli3KEJKiwZt5MukWKlUq4QX9PA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 8354 last-modified Wed, 22 Jan 2020 13:13:07 GMT server cloudflare etag "04cb7ec205cea351157aeffb998f3a85" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzZDpCQYolV3fnx%2BzuWEA%2BdMWAOB4QB2N6PCBL51lnOhyM6DvQMeVxHHBBGITPhMF8SmaK1jN6THRKx08PUdn0%2BfoQBKq42lgHnGAzaZyg7tTvWAkr8pg5M5NIdRmvz5Jlwdla8hQAEbSD7m"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698787150900 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 16723 accept-ranges bytes cf-ray 6880997e3ad94eeb-FRA cf-bgj imgq:85,h2pri
GET H3-29	200	F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485 assets.ad4m.at/ Frame FCE0	35 KB 36 KB	57ms 31ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/F49C2EAC44796C3CC36B7EB8176E57DD4979BB6953D52AE3EC354AC4722C65BE111766AA7B1FD623B46255E02B9A1FD3C70187E6A3B399F7EA1DA8FBFD78D485 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffbf2d2525e0baabd5fdf5289510e03e86ccb28dc9767ef58bf483077f3bfc75 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=DWwdxw==, md5=nrQF3oFd2dnh8eRzIt323A== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 602570 cf-polished qual=85, origFmt=jpeg, origSize=40264 x-guploader-uploadid ADPycdshetqKJwndrHOH-lFCXPqJhWewdUcIkQfLaob_OeIRhD69yNjft6_UWg4G8QIF6IJwHcgiACP4KXnOYTeFqnE x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 35504 last-modified Wed, 19 Feb 2020 17:37:15 GMT server cloudflare etag "9eb405de815dd9d9e1f1e47322ddf6dc" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4GG3N1Eb%2FGcU8UmIZbupyagrARq%2Fz%2BUpc%2FhA17pLiA3o9pN2NoWtuXS%2FbjMmBL2SJvg57LlwG8J1vj7LgfXxYl3gRMl9GLQUcnoPBQ0SBJ7PNX%2F878ZXM33OMzi%2BYN%2F1YJ8NR7IL01KQGTe"}],"group":"cf-nel","max_age":604800} x-goog-generation 1582133835673152 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 40264 accept-ranges bytes cf-ray 6880997e38e94e9e-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200	/ banner.congstar.de/cookie/ Frame FCE0 Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%... https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CML_xam13vICFVqy3godw0MCow;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d... https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneid62Zcef3f6wmheHmHYtkt5kmt2T1T2qJoneid__asuidYE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrkasuid__dc_reach_suite02wkz&gdpr_cons... https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67e56241-0b53-11ec-bb85-692d07ad2270	0 517 B	124ms 52ms	Image text/plain	148.251.139.77 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67e56241-0b53-11ec-bb85-692d07ad2270 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C15255&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2C62Zcef3f6wmheHmHYtkt5kmt2T1T2qJ&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2CXxVfzfrfp3Bh6H4Het1CxXpUBTkTXKP&c=300&d=250&e=YE_QH4q1sR6ldDPdlFwgUNsyoQ5Ywyrk&g=ccb1f6f97ae7f0d04088fe3ccd84cb50%2F8675000444757962647&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338496&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gvb965ttyr5128t651drhq209548mwvfxe3xtv6apt5gkh2dhz6vvesagagxfvtj2wbvgx3cz5s1kk1q1hkwtzpm2jyrgz3wa41sx3j6x35kzzne7a04s80t9s94vav4a0nez35y3mz6ked32ew53t4m797cz9dgsgfghe3bctgvr176ckwmcfzg0f13cj2k5cbsakw315ptpcyef255cmc8x228assttfyfjjjc1k9gxp63bc41s24wbh2e5db1v4gfmzwrm5ky%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DC05s6-ccvYfmaKuS8-wb9nLGACZDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QYWppESivUahUKCItYHyM8FMBEiUagLmZ-nKoczYlWT0IzdEOj6YDA1cbyGJI69Gfp7HX7x0PcV1ueVa2an7OXfmmhhdp7OLnEK8zfmDUH5wyvCxY2HKhyJ-S-QBbs-cpjnalFLH5OzS83RFkOTZGytcDPAfpXdu9LZ9IL80Hdn0e0d85bwZzYQ4FdyUR6li6IgRA0wYSjONH3ROQheE3qLjNJj7ZzXAgM7Mzx8YnovejJSXFjIZNzv3UjXOdJgdgC7a4NUeABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3Ux-yqD21JAJP2tCNFMeU3vbTKwQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=1&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.77.139.251.148.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Server Apache P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 0 Redirect headers Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67e56241-0b53-11ec-bb85-692d07ad2270 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H3-29	200	default.css as.ad4m.at/ad/style/0.1.8/one-ad/ Frame 5AE5	64 KB 8 KB	40ms 24ms	Stylesheet text/css	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://as.ad4m.at/ad/style/0.1.8/one-ad/default.css Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 611d8874cd6a661e6779751ba6a62bfbb7fa496d36b847c4e7fcf69279c70f44 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:38 GMT via 1.1 google x-content-type-options nosniff cf-cache-status HIT nel {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true} age 9899 cf-polished origSize=65497 surrogate-control no-store strict-transport-security max-age=86400; includeSubDomains; preload content-encoding br alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 x-xss-protection 1; mode=block pragma no-cache referrer-policy same-origin expires 0 last-modified Wed, 01 Sep 2021 15:50:39 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-download-options noopen report-to {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400} content-type text/css; charset=utf-8 vary Accept-Encoding cache-control max-age=3600, must-revalidate, proxy-revalidate cf-ray 6880997e59374e9e-FRA cf-bgj minify
GET H3-29	200	B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 assets.ad4m.at/logo/ Frame 5AE5	18 KB 19 KB	50ms 35ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 249310 cf-polished origFmt=png, origSize=35453 x-guploader-uploadid ADPycdu2nByeXjfOPqT7lHlpnmMnylP_Z-2k3HhkuK50aTjzxwkOZcUSFNaqrm-tSEobBJU8iJM1Ek0-aWiub8kzNX0gGyoY0A x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 18872 last-modified Mon, 18 May 2020 12:30:29 GMT server cloudflare etag "e18c9634cdd319e69c2765475f29cd13" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iOPH6ilooJq3%2BXeKK5eBmdPZVTB%2BgW7v8upWf8WTJHgx9mR5mphs0a3ChShdhUiNVGfTa7mNdMQwbVDiKhcC1dsfkPTg%2B1%2F5I0di0HAcx9mvXm3JK4%2F6ABkC3x3jobsslUjtUES%2Fp5jKIfFT"}],"group":"cf-nel","max_age":604800} x-goog-generation 1589805029334103 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 35453 accept-ranges bytes cf-ray 6880997e593b4e9e-FRA cf-bgj imgq:85,h2pri
GET H3-29	200	A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C assets.ad4m.at/product_image/ Frame 5AE5	2 KB 3 KB	35ms 24ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/A012F5D8E216B662BCC639EFCE48E0BB093DAE488B3795D30A56E98E58F3F85831088246988EB178E8D9AAEC22C831FEB67C179E776973AC655CFF57EDC5D13C Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a1fd9f71c69648edfe742cc8b1d2141a95d063e630aaa06a5cdf5faa50650d Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=bJ9ALA==, md5=ejqY/mc9t7JQK9XG0TFuLA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507839 cf-polished origFmt=png, origSize=4031 x-guploader-uploadid ADPycduw6T2ge-dcMCB8q8PQRkN5ddfV5p1F05xdj5QIjyKx_lBHIAoQcv69zW7h0C0ikAUfnJqs8jpQ-4HqCJYqLcg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 1598 last-modified Wed, 20 Jan 2021 17:03:56 GMT server cloudflare etag "7a3a98fe673db7b2502bd5c6d1316e2c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VGYELWMc4pzaQuri2SnLL1oTkYpiJKKkqfLBp7dH%2BMaCsFPPuW%2BR5T97%2FJ3ELB4BI%2FWmPFHCYkvx8aRgzYYsL%2Br4Def9hi7PlRImtqqRNRNHbbSaCkcclqfluYOBhILI%2B%2F1Zx5R4IBXfyurN"}],"group":"cf-nel","max_age":604800} x-goog-generation 1611162235947637 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 4031 accept-ranges bytes cf-ray 6880997e593e4e9e-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 5AE5	43 B 705 B	701ms 68ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneide7RC3fVfxBVcjHZHet1teW3sjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H3-29	200	092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 assets.ad4m.at/logo/ Frame 5AE5	38 KB 39 KB	37ms 27ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/092AF182BFAEB6FB9384BCD487C1B5A43125CF153AA6D3EDEC71241055FD8B61372C6BFDCCACC22CAB8E52B77906D491F783793EC97701304A15CA510282E399 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 79a636d2c8ace706866349aaf2d1661b25c94a9523ab602e32d106fbba2a2b23 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=EKOc3w==, md5=wqT4IuWoMfO1yrOci8rmHQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 507159 cf-polished origFmt=png, origSize=44613 x-guploader-uploadid ADPycdtPzXlOqwPBuDjLXeT9INqbT1JQ4K2k-jWqmum-TWLhnCwpfCYxD6FfzMw5S2NgH5j7NXT7v42JG-PNGqGGzg x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 39202 last-modified Wed, 22 Jan 2020 13:11:41 GMT server cloudflare etag "c2a4f822e5a831f3b5cab39c8bcae61d" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbAqLE%2BGccOzlbHMjBDNLKB3u4GhutbRy4OpnwyDa0xcy%2FBlF2FCovfh8Y%2BPMPlqgxLmufyboP9%2FEUQemnlY6k%2BieFFOSg%2FPfC%2BKTprPYqoJT%2Bb9nqGPsx3tsCN9M5j7y0hf%2FvV2mZUhY5F3"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698701189315 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 44613 accept-ranges bytes cf-ray 6880997e593f4e9e-FRA cf-bgj imgq:85,h2pri
GET H3-29	200	69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A assets.ad4m.at/ Frame 5AE5	113 KB 114 KB	25ms 14ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/69E7FB78A72BC29D22049638675F152BD0F020C6E7E7DD83AC85D812D70F34E088215F53E301063143245A4B72ED47974DE7618A14B827D305F065371D2DBE4A Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85a096c073faa7b2f0cd16adf42aef4c64f0e2b34dedcd1379b6cc48e126f7fa Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=UWAYGw==, md5=A1esecs/9FudVn6rgMfjTA== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 511143 cf-polished origFmt=png, origSize=136328 x-guploader-uploadid ADPycduj874xBwWers7A0rvM5jKeVfBW1MVoviMq067fpwP36KmZ5H_UxJMVWZkp4S1GZRvF8zE9V0jaBG58OyvE-DY x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 115268 last-modified Tue, 29 Oct 2019 09:42:57 GMT server cloudflare etag "0357ac79cb3ff45b9d567eab80c7e34c" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2BE2cIs1v9IelHU39kwAJlg5vQjAZkBl%2Fw9PpE7eDVeQLx0daYsyD0MF3gadtalb2Fpa1vMksl6Eb3gR7ub4%2FfNXkZOPrffPy5wiycDSQ83cWBGCiVmzbZcYj5CjbR5V9KNxv02YQ1m22Hrw"}],"group":"cf-nel","max_age":604800} x-goog-generation 1572342177666668 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 136328 accept-ranges bytes cf-ray 6880997e59424e9e-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200 OK	cshow.php www.awin1.com/ Frame 5AE5	43 B 702 B	772ms 70ms	Image image/gif	104.111.239.217 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.awin1.com/cshow.php?s=2338586&v=11830&q=357066&r=412871&pv=1&pref3=oneide7RC3fVfYpcjHZHet1tbrzUjTQTx8Joneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-111-239-217.deploy.static.akamaitechnologies.com Software / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Cache-Control no-store, no-cache, max-age=0, must-revalidate Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Type image/gif Content-Length 43 Expires 0
GET H3-29	200	188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 assets.ad4m.at/logo/ Frame 5AE5	8 KB 9 KB	44ms 34ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 514302 cf-polished qual=85, origFmt=jpeg, origSize=16723 x-guploader-uploadid ADPycdsWB__4IqPBYYG7Kpds-Oh9NiwUdYDgeYBeMRDoFkaGpviNrqYfQBH9SobGtpzf_sMJli3KEJKiwZt5MukWKlUq4QX9PA x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 2 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 8354 last-modified Wed, 22 Jan 2020 13:13:07 GMT server cloudflare etag "04cb7ec205cea351157aeffb998f3a85" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RCJzgUvf%2BnJgFG3%2FBfKkn5WCj48J%2FvBS4OAQuDesJbu92liOiQhtVZ1D6HDuxPxO2ZdIQrDPiraMe2sUtiW5P8S%2F3F%2FdRUbMIOnL62Zm8vDetFDgZyR0D3lrjR6NQax34PStmowCQAMaCKra"}],"group":"cf-nel","max_age":604800} x-goog-generation 1579698787150900 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 16723 accept-ranges bytes cf-ray 6880997e59484e9e-FRA cf-bgj imgq:85,h2pri
GET H3-29	200	FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B assets.ad4m.at/product_image/ Frame 5AE5	30 KB 30 KB	44ms 34ms	Image image/webp	2606:4700:20::681a:bd1 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol H3-29 Security QUIC, , AES_128_GCM Server 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers x-goog-hash crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g== date Wed, 01 Sep 2021 18:35:38 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 249513 cf-polished qual=85, origFmt=jpeg, origSize=81547 x-guploader-uploadid ADPycdshaSqQ24WpitH9jKkfFmURKTsmZPlBkDLtXQlt5GOx9BOsjNF_GQXRfV_MeQTdXbgICygfEUEbzTCJvQk7pGQTEMd_wQ x-goog-storage-class MULTI_REGIONAL x-goog-metageneration 1 x-goog-stored-content-encoding identity alt-svc h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400 content-length 30226 last-modified Thu, 09 Apr 2020 08:50:22 GMT server cloudflare etag "f7c8b1c28756e1f042414e043a02e1fa" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q6pIYGk8apZ5VXPYAL0NQa50cEa7wcSmZ4orM1tdsYtaIYLWR%2F5%2BRW%2F7%2FA%2BuG7Qs5yUPa0xh5IWMjSeGBMdZkNsPisIY6PI4YIvHzJRhFPQkd2mAXe0LglPUdAZRmu3ao7MAyJHrVqtiKHno"}],"group":"cf-nel","max_age":604800} x-goog-generation 1586422222365290 content-type image/webp expires Thu, 02 Sep 2021 18:35:38 GMT cache-control public, max-age=86400 x-goog-stored-content-length 81547 accept-ranges bytes cf-ray 6880997e594a4e9e-FRA cf-bgj imgq:85,h2pri
GET H/1.1	200	/ banner.congstar.de/cookie/ Frame 5AE5 Redirect Chain https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%... https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CPL_xam13vICFRI34AodzAIGdA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d... https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidbM4CQfZfmzVaYHbHztKtpb1txTJT5Weoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67f05ec0-0b53-11ec-bb85-692d07ad2270	0 518 B	93ms 54ms	Image text/plain	148.251.139.77 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67f05ec0-0b53-11ec-bb85-692d07ad2270 Requested by Host: as.ad4m.at URL: https://as.ad4m.at/ad/rar?a=14044%2C823%2C22451&b=e7RC3fVfxBVcjHZHet1teW3sjTQTx8J%2Ce7RC3fVfYpcjHZHet1tbrzUjTQTx8J%2CbM4CQfZfmzVaYHbHztKtpb1txTJT5We&f=DjeT3fwfbqPS3HmH9twCwAmFWTmTk8r%2CDjeT3fwfe9T3HmH9twCEjxTWTmTk8r%2C3PZfpf4fjz2C7HrHAtXCpY1t8TWTA14&c=300&d=250&e=&g=a93ea71c819e98155f38500b6a3abbb8%2F8622651632706915320&i=25007%2C9719%2C25174&j=16%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1630521338516&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1h0c9mxsq761tvhg3fzkh03hwfcqcegv97yxt80dzz9pytac0h11r3x0sh82qwcath42csx8edwy9a88qyr1yv7be9xcqjhh6wnza6aee7z8fmpnzcck7sjy014v56vndbjh6br7c1068qw4339cf4d2s5td80nhqvrkvk87vsxcxv7n72ch2eqqejaxmcycsa1xjybdr94nh502s0v55y5d51rdafxgqgpc8xk1fy9jkxkz1647amfcs16xn6deq860mvzazhszc%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCTIqj-ccvYffYL8On-wbDjpDwApDhgYRctqjCivACwI23ARABIABglQKCARdjYS1wdWItNDI5ODI1NjMxMDYyNjc3OaABwq7o3QPIAQmpAgObrqwH4rM-qAMBqgTHAU_QfWyJ_iinIs3bkHdTHCHUOBrsO-oQRJ2Lz30kLd5fY1zpO1Xznl0zob6dXHIQr4r0qJvN6aMUIJo9jbhq4LY-7U3Tj7vBSP4DHPzWxv7uEHURmpIRh0tDHyHRnhW9nUeuDCx_hTGhw58i95WHIoDCPEJ3HCKz_k-rYxhxQcWyE6vXKelas8b9oo9G3nEFNl9NDFsGTEElh5_sqECzH7aVWrMc90xe6KtvohDkKhf6kF8TJdhG_IiZzvvLNceBgpXfCpCdB_uABvG6vsHMg5-1_AGgBiGoB6a-G6gH8NkbqAfy2RuoB-zVG6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1k2Ld48m18tUfHbxcmSc9kCtfXFQ%252526client%25253Dca-pub-4298256310626779%252526adurl%25253D&y=0&z=0 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.77.139.251.148.clients.your-server.de Software Apache / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Pragma no-cache Date Wed, 01 Sep 2021 18:35:39 GMT Server Apache P3P CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" Cache-Control no-cache, no-store, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=100 Content-Length 0 Redirect headers Date Wed, 01 Sep 2021 18:35:39 GMT Strict-Transport-Security max-age=86400 P3P policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV" Location https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1630521339_67f05ec0-0b53-11ec-bb85-692d07ad2270 Awin-Akamai-Rule-Set default Node Helix Connection keep-alive Content-Length 0
GET H/1.1	200 OK	jot.html Show response platform.twitter.com/ Frame 4C88 Redirect Chain https://syndication.twitter.com/i/jot https://platform.twitter.com/jot.html	80 B 569 B	24ms 6ms	Document text/html	2606:2800:234:59:254c:406:2366:268c EDGECAST
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/jot.html Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/files/iframe.html Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECS (frb/669F) / Resource Hash 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88 Request headers Host platform.twitter.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 Origin http://beyondhallyu.com Content-Type application/x-www-form-urlencoded User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers Accept-Ranges bytes Access-Control-Allow-Methods GET Access-Control-Allow-Origin * Age 4352 Cache-Control public, max-age=315360000 Content-Type text/html; charset=utf-8 Date Wed, 01 Sep 2021 18:35:39 GMT Etag "d9592a6c704736fa4da218d4357976dd" Last-Modified Mon, 02 Aug 2021 20:34:56 GMT P3P CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" Server ECS (frb/669F) X-Cache HIT x-tw-cdn VZ Content-Length 80 Redirect headers date Wed, 01 Sep 2021 18:35:39 GMT pragma no-cache server tsa_o status 302 Found expires Tue, 31 Mar 1981 05:00:00 GMT location https://platform.twitter.com/jot.html content-type text/html;charset=utf-8 cache-control no-cache, no-store, must-revalidate, pre-check=0, post-check=0 last-modified Wed, 01 Sep 2021 18:35:39 GMT x-transaction 294100ee657de35d content-length 0 x-frame-options SAMEORIGIN x-xss-protection 0 x-content-type-options nosniff x-twitter-response-tags BouncerCompliant strict-transport-security max-age=631138519 x-connection-hash 7e07bf3929849172efbcfc887d8bad8b7fd90382cff72840003f87b6d7d2285f
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/ Frame F1E2	11 KB 8 KB	19ms 19ms	XHR application/json	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210830&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash d5378b24264d672a6603e5e5ffbfc53f88cdfc84944a2cca4e3441967abc24f5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers timing-allow-origin * date Wed, 01 Sep 2021 18:35:39 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" access-control-allow-origin * cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/json; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8418 x-xss-protection 0
GET H2	200	fs0ib8oitwYFqLdNZ2p6 ok6static.oktacdn.com/fs/bco/7/	104 KB 105 KB	54ms 54ms	Image image/jpeg	65.9.71.16 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ok6static.oktacdn.com/fs/bco/7/fs0ib8oitwYFqLdNZ2p6 Requested by Host: beyondhallyu.com URL: http://beyondhallyu.com/gamest/HomeLogin/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.71.16 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash 9b7bb3dd9f98a308db3a6d44c46327a96bf2bbf0d2e13ca1c4926e747d976f92 Security Headers Name Value Strict-Transport-Security max-age=315360000; includeSubDomains Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Mon, 30 Aug 2021 17:58:22 GMT via 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront) age 175037 x-cache Hit from cloudfront content-length 106182 last-modified Wed, 07 Aug 2019 20:19:29 GMT server nginx etag "82cda7027bfcc4e0b32586792bf520dd" strict-transport-security max-age=315360000; includeSubDomains public-key-pins-report-only pin-sha256="r5EfzZxQVvQpKo3AgYRaT7X2bDO/kj3ACwmxfdT2zt8="; pin-sha256="MaqlcUgk2mvY/RFSGeSwBRkI+rZ6/dxe/DuQfBT/vnQ="; pin-sha256="72G5IEvDEWn+EThf3qjR7/bQSWaS2ZSLqolhnO6iyJI="; pin-sha256="rrV6CLCCvqnk89gWibYT0JO6fNQ8cCit7GGoiVTjCOg="; max-age=60; report-uri="https://okta.report-uri.com/r/default/hpkp/reportOnly" access-control-allow-origin * cache-control max-age=31536000, public,max-age=31536000,s-maxage=1814400 x-amz-cf-pop FRA56-C1 accept-ranges bytes content-type image/jpeg x-amz-cf-id Udhqegz1QanKtJGNT8FDDQZRs1kBbncItnseZR1CkAV0jRQ0_oWRuA== expires Tue, 30 Aug 2022 17:58:22 GMT
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/ Frame F1E2	17 KB 6 KB	15ms 14ms	Script text/javascript	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108310101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4298256310626779&plah=beyondhallyu.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 18:35:39 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "1624308425655142" vary Accept-Encoding content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 6467 x-xss-protection 0 expires Wed, 01 Sep 2021 18:35:39 GMT
GET H3-29	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/224/ Frame 57C6	12 KB 5 KB	8ms 7ms	Document text/html	2a00:1450:4001:813::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority tpc.googlesyndication.com :scheme https :path /sodar/sodar2/224/runner.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://beyondhallyu.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers accept-ranges bytes vary Accept-Encoding content-encoding gzip content-type text/html cross-origin-resource-policy cross-origin content-length 5029 date Wed, 01 Sep 2021 18:14:03 GMT expires Thu, 01 Sep 2022 18:14:03 GMT last-modified Wed, 02 Jun 2021 17:09:45 GMT x-content-type-options nosniff server sffe x-xss-protection 0 cache-control public, max-age=31536000 age 1296 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 08FB	783 B 827 B	17ms 17ms	Document text/html	2a00:1450:4001:830::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 28d18d0df007c6a17790e5c6741e5c6a811a8c17efd8231ce41275bb13fe3679 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-2UAt/JLuTJQuwxKdLHCobQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers :method GET :authority www.google.com :scheme https :path /recaptcha/api2/aframe pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer http://beyondhallyu.com/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Referer http://beyondhallyu.com/ Response headers expires Wed, 01 Sep 2021 18:35:39 GMT date Wed, 01 Sep 2021 18:35:39 GMT cache-control private, max-age=300 content-type text/html; charset=utf-8 content-security-policy script-src 'report-sample' 'nonce-2UAt/JLuTJQuwxKdLHCobQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-encoding gzip x-content-type-options nosniff x-xss-protection 1; mode=block content-length 512 server GSE alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-29	200	3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response pagead2.googlesyndication.com/bg/ Frame 57C6	35 KB 13 KB	11ms 11ms	Script text/javascript	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers date Wed, 01 Sep 2021 09:13:15 GMT content-encoding br x-content-type-options nosniff age 33744 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13381 x-xss-protection 0 last-modified Mon, 23 Aug 2021 08:38:00 GMT server sffe vary Accept-Encoding content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 01 Sep 2022 09:13:15 GMT
GET H3-29	204	sodar pagead2.googlesyndication.com/pagead/ Frame F1E2	0 0	48ms 47ms	Image text/html	2a00:1450:4001:82a::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210830&jk=1510762985781329&bg=!EBOlE1fNAAZOkH6FTpA7ACkAdvg8WnwjQZyo6cHgomTVbzzNC0g4YMK_C_zr3tImkAEYKMBl4s9cAQIAAABwUgAAAA5oAQcKAGnj04o78Llmfd_9d9OPvBYn0_ZP0U-kxHgmaFcYeojQ8C9MYA5Tm_PrwH8lPxHDHzL82Yz2Bm7ePcfB1g7pecrb5vDc8s1v8u-WzFk_1fUQSWaAjidG-JpQlDdKsnWfIHuaUMs-ixvQNh-ZAp2AsvmgmvOaa44ffAajIFVOYVBWbQIXVKy8wks8RIRpe4hUqc7xBC1AzFtPQI46SE7TEzCvvUckV-oo0tqKGkci6RMHBHgDh6SrVbWTnnBA3_jK-yQm-OmoDsk8ezMGPlNBrbDMOVrkFTm1DKa2-Qkv04fQy-cCr5IHFdPTbq7zr6wSfEm5mAYAtq-xv6WZjLFhCCZ6fL12iSPaes10np4CN8o5jcTIlBni5tPx_xCN3n3W8aITy8p_am6vHqaZHhFhI6pTklhwnm6ehVkHuRecE6FxessBd6mJHCeL4g4wWg6Ka9O8hRQ6-m9c7YJ36nGXapmWMl3tdsu-ECIQg-m2cXmXy9s2Sp3692caUHR_7kevhxOWg0Oni01HhqpqEBWBXf_HpJwyJ93HlW16TbcyIL6FPR-SMig1v5Sw2DCpqP3bYO-3JU5juuVMWy6G0CaeA3BajH0tp6pTgf2bRFHl5k7yS8Rq8WOJttmfAdzquD83hamjGdSR3vsI7drx7Sv_X5QpasjDLU_XwPZSQM8g27eQjc00-VNnqHTgT55Tg0-O_BOn8v34CEKUZEZN2air1lSZuPf6OICRTvF5KfSaEU2ohTgs3KIRQOGjjo2LkFaEMuV82Pm6cMQhppBOuy_iiBClb8S6NLUia3nGlRbQWrsE95gdew-ytlcsr7k7lAwx_kMTZ8WA-_QTblac49MyvMovQaD8UX-PYUuANIYSRsgSL_vdpfZbVzvzP6E9UMlVaiT4sI7Aa4E7Ic22RZsWQrJzOYztmnZ3mXgC4KWJ8Q1u3c_5IxcO8lhmxMCLUoACLjGb1I5eRP_stIC8YlaiKCh1BWxw7NXvkqCYELyEPXSSgNvb1voSwzVaLlsN2B0RRNQ2OxQRN-oYZ4o Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer http://beyondhallyu.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36 Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-0PrwJv-pcEoJ8peywAABJ4AAAIB&google_push=AYg5qPKjeambGSnwFcJgXDRidoz7qoe3_LGmMHBbezLDLOpBNirqSWcEYrZ8_EN0fCz1VhpWTYB_blRK9RzNfQgAgaC0YlpArPot&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPJBZP5J0HuBUdrPoHDxi96-flL-zpuOJSw0Pkwq0c_EyPo2ni0_Gw9dfPqL-rJr9NF48DHrsKtNS4-prW6yz9YuKOEff4et&google_cver=1

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2T0AAABJ4AAAIB&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPLOwZOoIUNJMqDDFOcOFxOmJutAXmnSLXRZgfoJoQy8Jc7QUxn3LnO43xnYzytMQEwA_a6tMAIq0ElYoQpqRkQKN7_je5jmZJ4Ng2PnWseH1w4dFUgnP1JOlEZXHzXjM4wr0lg1PbY&google_cver=1

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-6Qfkt6Nv_dNN4_X1AAABF8AAAIB&google_cver=1&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_push=AYg5qPK2A5heAHepk9L7sxO7ZL6lLTmqD9thXFAYQeIxPLUeZ8kO_05A-YwlbTSssF128n4e0r_4-eosP85DuWdmXOKFGTsumvtFPxqn6mLIx1ukI088Vvdf0YwUx9629oLwLcksrsv3r2I

Domain

cm.g.doubleclick.net

URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YS_H-1VnilQmAycVrv2TzwAABHwAAAAB&google_push=AYg5qPKEncnE3ZZL7iPz-ss7zw8FDBRR54kkhmHXvybD9W9S1L1OfBCEItGqwVvSTHDdbiUhtd1sY1VBYsRsbuJpGDltFUHcOQ&google_gid=CAESEEaa6jrctIyaaIimMjWC-CE&google_cver=1