lihkg.com Open in urlscan Pro
2606:4700::6811:d5c1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lihkg.com/thread/3470022/page/2
Submission: On August 29 via api (August 29th 2023, 10:38:42 pm UTC) from US — Scanned from DE

Summary HTTP 435 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 51 IPs in 11 countries across 52 domains to perform 435 HTTP transactions. The main IP is 2606:4700::6811:d5c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is lihkg.com. The Cisco Umbrella rank of the primary domain is 102956.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.

This is the only time lihkg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 54	2606:4700::68... 2606:4700::6811:d5c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
3 21	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
12	108.128.215.42 108.128.215.42	16509 (AMAZON-02) (AMAZON-02)
6	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
6	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
28	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
7	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
7	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
4	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
40	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
60	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 29	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
4 4	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
4 4	216.52.2.91 216.52.2.91	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
3 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:5341:747:cc9:c512	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.7.11 178.250.7.11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 4	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	2600:9000:211... 2600:9000:211e:3800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
3 3	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
1 2	2.16.97.41 2.16.97.41	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2606:4700:20:... 2606:4700:20::ac43:444e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.50.63.74 52.50.63.74	16509 (AMAZON-02) (AMAZON-02)
3	52.57.100.136 52.57.100.136	16509 (AMAZON-02) (AMAZON-02)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
2	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
5	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
10	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400f:804::2003	15169 (GOOGLE) (GOOGLE)
2 5	104.64.118.247 104.64.118.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2606:4700::68... 2606:4700::6810:c0cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8 8	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
8 8	84.200.5.215 84.200.5.215	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
4	167.233.13.224 167.233.13.224	24940 (HETZNER-AS) (HETZNER-AS)
6	3.10.47.90 3.10.47.90	16509 (AMAZON-02) (AMAZON-02)
2	18.66.147.120 18.66.147.120	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
6	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	35.179.59.129 35.179.59.129	16509 (AMAZON-02) (AMAZON-02)
8	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
4	2a04:4e42::300 2a04:4e42::300	() ()
3	141.226.224.32 141.226.224.32	() ()
1	151.101.65.44 151.101.65.44	() ()
435	51

54 2606:4700::6811:d5c1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lihkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.lihkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adv.lihkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb.lihkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 108.128.215.42 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.bidmyqps.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videos.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

60 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.186.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.2.234 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.52.2.91 (United States) 4 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 3 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:5341:747:cc9:c512 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.11 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.148.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:3800:1b:5138:8a40:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.89.9.253 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.97.41 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-97-41.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:20::ac43:444e (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.50.63.74 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-63-74.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.100.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-100-136.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400f:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.64.118.247 (Prague, Czech Republic) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:c0cb (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.70 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 84.200.5.215 (Germany) 8 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

www.telefonica-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.lead-alliance.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 167.233.13.224 (Hallbergmoos, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.224.13.233.167.clients.your-server.de

partner.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 3.10.47.90 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-10-47-90.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 162.210.196.208 (Fairfax, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.179.59.129 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-179-59-129.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42::300 (None, )

ASN- ()

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.224.32 (None, )

ASN- ()

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (None, )

ASN- ()

tsdtocl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 33567 ad4m.at — Cisco Umbrella Rank: 11581 assets.ad4m.at — Cisco Umbrella Rank: 43002	4 MB
70	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 116 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	1 MB
57	doubleclick.net 12 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 stats.g.doubleclick.net — Cisco Umbrella Rank: 93 cm.g.doubleclick.net — Cisco Umbrella Rank: 242 ad.doubleclick.net — Cisco Umbrella Rank: 175	276 KB
55	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 990 trc.taboola.com — Cisco Umbrella Rank: 629 am-trc-events.taboola.com — Cisco Umbrella Rank: 15028 images.taboola.com — Cisco Umbrella Rank: 1861 videos.taboola.com — Cisco Umbrella Rank: 16103 pips.taboola.com cds.taboola.com	1 MB
54	lihkg.com 1 redirects lihkg.com — Cisco Umbrella Rank: 102956 cdn.lihkg.com — Cisco Umbrella Rank: 132228 adv.lihkg.com — Cisco Umbrella Rank: 156306 pb.lihkg.com — Cisco Umbrella Rank: 152650	1 MB
17	yahoo.com 1 redirects ads.yap.yahoo.com — Cisco Umbrella Rank: 14781 geo.yahoo.com — Cisco Umbrella Rank: 1508 ups.analytics.yahoo.com — Cisco Umbrella Rank: 325 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 458	4 KB
14	smaato.net 2 redirects prebid.ad.smaato.net — Cisco Umbrella Rank: 8084 s.ad.smaato.net — Cisco Umbrella Rank: 783	5 KB
12	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3101 www.google.com — Cisco Umbrella Rank: 2	4 KB
12	aralego.com hb.aralego.com — Cisco Umbrella Rank: 26902 sync.aralego.com — Cisco Umbrella Rank: 2755	3 KB
10	ad4mat.net static-de.ad4mat.net — Cisco Umbrella Rank: 177820 prod-rtb.ad4mat.net — Cisco Umbrella Rank: 143599	19 KB
7	yimg.com s.yimg.com — Cisco Umbrella Rank: 602	207 KB
6	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 29464 api.webgains.io — Cisco Umbrella Rank: 74714	37 KB
6	webgains.com track.webgains.com — Cisco Umbrella Rank: 47454	4 KB
6	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1120	913 B
6	bidmyqps.xyz cpm.bidmyqps.xyz — Cisco Umbrella Rank: 65306	2 KB
5	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 18043	3 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 222	283 KB
4	lead-alliance.net 4 redirects www.lead-alliance.net — Cisco Umbrella Rank: 73054	1 KB
4	telefonica-partner.de 4 redirects www.telefonica-partner.de — Cisco Umbrella Rank: 72418	1 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 484	3 KB
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 690	3 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 597	3 KB
4	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 89702	31 KB
4	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 435 mug.criteo.com — Cisco Umbrella Rank: 2707 dis.criteo.com — Cisco Umbrella Rank: 626	8 KB
3	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 352	436 B
3	pubmatic.com 3 redirects image6.pubmatic.com — Cisco Umbrella Rank: 769	1 KB
3	onetag-sys.com 3 redirects onetag-sys.com — Cisco Umbrella Rank: 771	1000 B
2	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 92383	109 KB
2	blau.de partner.blau.de — Cisco Umbrella Rank: 157155	3 KB
2	o2online.de partner.o2online.de — Cisco Umbrella Rank: 77870	3 KB
2	conrad.de www.conrad.de — Cisco Umbrella Rank: 89079	805 B
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 814	89 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 782	348 B
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1339	449 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 391	957 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 565	2 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 46289	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	150 KB
1	tsdtocl.com tsdtocl.com	1 KB
1	gstatic.com csi.gstatic.com	234 B
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2028	199 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 364	460 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 1116	728 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3135	104 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1251	573 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2412	54 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 621	13 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6490	408 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 45	917 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 334	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1024	7 KB
0	appier.net Failed gocm.c.appier.net — Cisco Umbrella Rank: 2451 Failed ad2.apx.appier.net — Cisco Umbrella Rank: 49608 Failed
435	52

	Domain	Requested by
42	pagead2.googlesyndication.com	lihkg.com pagead2.googlesyndication.com tpc.googlesyndication.com pb.lihkg.com googleads.g.doubleclick.net www.googletagservices.com
30	assets.ad4m.at	as.ad4m.at
29	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
28	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
23	cdn.lihkg.com	lihkg.com cdn.lihkg.com
21	cdn.taboola.com	ad.sitemaji.com cdn.taboola.com
20	ad4m.at	as.ad4m.at ad4m.at
20	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
20	pb.lihkg.com	cdn.lihkg.com pb.lihkg.com pagead2.googlesyndication.com
16	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
12	prebid.ad.smaato.net	cdn.lihkg.com pb.lihkg.com
10	trc.taboola.com	cdn.taboola.com
10	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
8	images.taboola.com	cdn.taboola.com
8	am-trc-events.taboola.com
8	ad.doubleclick.net	8 redirects
8	lihkg.com	1 redirects cdn.lihkg.com lihkg.com static.cloudflareinsights.com
7	geo.yahoo.com	pb.lihkg.com s.yimg.com
7	ads.yap.yahoo.com	s.yimg.com
7	s.yimg.com	pb.lihkg.com ad.sitemaji.com
6	sync.aralego.com	pb.lihkg.com
6	track.webgains.com	as.ad4m.at
6	partner.googleadservices.com	pagead2.googlesyndication.com
6	hb.aralego.com	cdn.lihkg.com pb.lihkg.com
6	cpm.bidmyqps.xyz	cdn.lihkg.com pb.lihkg.com
5	www.awin1.com	2 redirects as.ad4m.at
5	prod-rtb.ad4mat.net	googleads.g.doubleclick.net
5	static-de.ad4mat.net	as.ad4m.at
5	www.googletagservices.com	googleads.g.doubleclick.net
4	pips.taboola.com	cdn.taboola.com
4	api.webgains.io	analytics.webgains.io
4	www.lead-alliance.net	4 redirects
4	www.telefonica-partner.de	4 redirects
4	ssum-sec.casalemedia.com	4 redirects
4	ap.lijit.com	4 redirects
4	c1.adform.net	4 redirects
4	ad.sitemaji.com	pb.lihkg.com
3	cds.taboola.com	cdn.taboola.com
3	x.bidswitch.net	googleads.g.doubleclick.net
3	image6.pubmatic.com	3 redirects
3	onetag-sys.com	3 redirects
3	adv.lihkg.com	lihkg.com adv.lihkg.com
3	securepubads.g.doubleclick.net	lihkg.com securepubads.g.doubleclick.net googleads.g.doubleclick.net
2	cdn.track.production.webgains.team	as.ad4m.at
2	analytics.webgains.io	track.webgains.com
2	partner.blau.de	as.ad4m.at
2	partner.o2online.de	as.ad4m.at
2	www.conrad.de	as.ad4m.at
2	ssbsync.smartadserver.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	s.ad.smaato.net	2 redirects
2	ups.analytics.yahoo.com	googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	gum.criteo.com	1 redirects static.criteo.net
2	region1.analytics.google.com	www.googletagmanager.com
2	www.googletagmanager.com	lihkg.com www.googletagmanager.com
1	tsdtocl.com	cdn.taboola.com
1	videos.taboola.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	match.360yield.com	googleads.g.doubleclick.net
1	pixel.rubiconproject.com	1 redirects
1	sync.mathtag.com	1 redirects
1	dis.criteo.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	sync.targeting.unrulymedia.com	1 redirects
1	mug.criteo.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	fonts.googleapis.com	cdn.lihkg.com
1	cdn.jsdelivr.net	cdn.lihkg.com
1	static.cloudflareinsights.com	lihkg.com
0	ad2.apx.appier.net Failed	pb.lihkg.com
0	gocm.c.appier.net Failed
435	79

This site contains links to these domains. Also see Links.

Domain
lih.kg
itunes.apple.com
market.android.com
fb.me
instagr.am
twitter.com
help.lihkg.com

Subject Issuer	Validity	Valid
lihkg.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
smaato.net Sectigo ECC Domain Validation Secure Server CA	`2022-09-19` - `2023-09-19`	a year	crt.sh
bidmyqps.xyz R3	`2023-08-12` - `2023-11-10`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-14` - `2023-10-04`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M01	`2023-02-28` - `2023-10-28`	8 months	crt.sh
tsdtocl.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-15` - `2023-12-31`	a year	crt.sh

This page contains 61 frames:

Primary Page: https://lihkg.com/thread/3470022/page/2
Frame ID: 7498C978DE78EDDA007C3C4E557E5C1B
Requests: 57 HTTP requests in this frame

Frame: https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js
Frame ID: 4E55C669EB9DC39E37334587C386176B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html
Frame ID: DF3C614853C852935027A5A32CF3279A
Requests: 1 HTTP requests in this frame

Frame: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Frame ID: EBC738284185537D87A68979C7D97150
Requests: 14 HTTP requests in this frame

Frame: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Frame ID: E52B68F11468D8E9A723485012F0C0A1
Requests: 14 HTTP requests in this frame

Frame: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Frame ID: DBCCC8F07278B44870EF708420457CB0
Requests: 14 HTTP requests in this frame

Frame: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Frame ID: 2D3F7F816F8CF43BFE3DE7CCA358C61F
Requests: 14 HTTP requests in this frame

Frame: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
Frame ID: 4A1110284FD9D61DD02651A9FDB8D8B2
Requests: 14 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=lihkg.com
Frame ID: 9BB27DBF3F4FDBE1E88099F0399E9172
Requests: 2 HTTP requests in this frame

Frame: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Frame ID: 006C568C57A183DA007C459FD08EB5A1
Requests: 5 HTTP requests in this frame

Frame: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Frame ID: F2C96EF70EE16B0BC4FBD7C3340B53F4
Requests: 5 HTTP requests in this frame

Frame: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Frame ID: EF4232C97894CE248EFC0DDCECBCBBAB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3240616428100660&output=html&h=250&slotname=9808563034&adk=532204820&adf=2944989679&pi=t.ma~as.9808563034&w=320&lmt=1693341513&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&region=16933487131451010&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348713213&bpp=1&bdt=1196&idt=394&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&correlator=6316771326656&frm=20&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348714&ga_hid=705413750&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076839%2C31077323%2C44798934%2C31077504&oid=2&pvsid=4485397768541698&tmod=1179280563&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6g9RXyJr3j&p=https%3A//lihkg.com&dtd=397
Frame ID: CA29AB13D8010137FC07051B847A002A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&adk=1812271804&adf=3025194257&lmt=1693341513&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x945_r&format=0x0&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&ea=0&region=16933487131447980&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348713229&bpp=3&bdt=1211&idt=392&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&nras=1&correlator=6316771326656&frm=20&pv=1&ga_vid=544351479.1693348713&ga_sid=1693348714&ga_hid=705413750&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076839%2C31077323%2C44798934%2C31077504&oid=2&pvsid=4485397768541698&tmod=1179280563&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=411
Frame ID: A4EE3D8DF3BB7788586121DC964B7230
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B0BD0633B51526114DDC367C6705020F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: DDC135299649461257A224DFC9A5E586
Requests: 2 HTTP requests in this frame

Frame: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Frame ID: D897C547313744534D7B1277E9FC54D7
Requests: 21 HTTP requests in this frame

Frame: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Frame ID: 3686BFA2B61B417F704B207A57C47BEA
Requests: 17 HTTP requests in this frame

Frame: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Frame ID: BAAB30EE7C3DB339D91423C50657D18B
Requests: 21 HTTP requests in this frame

Frame: https://pb.lihkg.com/smj?theme=light&is_mobile=1
Frame ID: 718F0AD20E4D4A1C8EEF54F9E67B6C6C
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755400&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714473&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714638&bpp=3&bdt=1271&idt=240&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7491394414690&rume=1&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1245674851&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077323%2C42531706%2C31076998%2C31061691%2C31061692&oid=2&pvsid=2345678649997198&tmod=867716125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kpazsdq18uxg&fsb=1&dtd=258
Frame ID: 4A91BBBAA130987DFEE9A87DEE30DFAF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237
Frame ID: 991818FDB092168D95CC145B53872353
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237
Frame ID: 59E4124BC847D81107F01356D29ECFFB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306
Frame ID: 42241F185B0C48906248D72A10602B22
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED0DACEB5FE402D152EE740260CD8016
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00AA60E22DE682D1C8353392116D2605
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278
Frame ID: 8F7BE4062568FDFA6301A5F86FC09B73
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h4x0j05v3njyh4nwt299afvbf2dfxrsfvwm7asttg8xrrnj8k9f8mtevta97nemnfy9n5tvzgpf6qx5defnxggype8jnc7wv25pps0779vrn8msa3zv6de010mw96sqcpj2mgk2fg848bfvfshp3zsc6bcgx13f9bxdj23n0mrf7tbgp7n7mjwd29zkshgwq8hzpdn63kq6c6e8s058gha70wk9tcw2mqnydex70b680zmhf7vf9j023ptqdmyrb70fb2gjgxjt1rxd2vvw7weksd3cjgessg9ds4qw5n5pr7pv5y6mtw5szej0d0rv7capeze8gff0r5bs15drzpmb4n9jehata24bmqjz674f4gv58qdyftsmys3ypfgnkevh12j94txcjbdeqfmz4nmwm613rjezkfztvdn8c1j3gvdkzxakp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%26client%3Dca-pub-1983042674979462%26adurl%3D
Frame ID: 3673E71D6F1111D0EDCBF2404A532352
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: 99E1CCF3E4D6DFE6C9EA3BBDBFB7F55C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A541F30FA53438339186303EA6FC26E8
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2F816AF7BDE625C9B027A2EA502B1801
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41B37E4BAA5CAF95C6D18A18EB2BC34A
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1ge89aka5b0k19xtwwr3t0rmctnq61f65geq2xpf29dn7310k06qdfey9z34abnhwfgd87pf2b68k5r9tym4gescnzazt12p13vvpvvbrqs5c28crd1nyj4wngc3efxrjrv4zmecmmqqftqw2765ha5gpwhrpwwzz22zfsxyn96s3m71jk19q31dvcqv0kzfq9rg93nne8xcb7692tqa93sghyre4q3gy9w3fdem1f4ewc4v5w6qasb94d5gxpf2k7wpwdxbdj7gecacb16ayxwgc3phqbaz8yseraeegh3d21k27eqsvdd3sxbtxhd98yxsvvg5qp6ws6w9xkpt2y4k55fdp91g7acxr3vtf3edgbmgpaw04cter94hvkp8yf1g2w4vhyt4hmya2n2wgnvpnymj32wrk2djmctgs6kr1x2p8wz1r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%26client%3Dca-pub-1983042674979462%26adurl%3D
Frame ID: E830009396E5550B936D634DBB10D234
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: AEF6C5B9E749A76168BECB6EBC9B69B5
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: CE89576028A4822A2700AA5DBA26AC6C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C6FEC8AA59D502FB2EC6921D36C3110C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EF575181B69D0242D4B75ABC1A1CD1E9
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hvhjq58hxyrh0arb5atbtja2d4pf1wmvbgczzwcbsnkw7n52s0jezcjz0ez10kfhnvyakyyn888vmg6e2f3zn9hdmwn2cagvmc2hk2xmcz7vdx7v6ergbye12p5vpg0bfc0ynsbv4ahjxe197d5r600fy7cf4575r5wkbr7rnxfc6yjnb89rnwjefnfyqgz4jenamn4pc1b4m835n7b28qj3n31ygt59na5xyjwetqks1h1jgdcy5618n29bs34z12a5vrb63ry0ffw4ted0g6q3hztrq894kyzmmdz2dvwwkd1cz9exvx1t414mh8n3ebz5s4hdzv139xpze6f618jx1ge6y25c40f5g2dzmtv3jk6pwjmaxw5jv38fr8v6a0fc69zxd75na8mhzxvck787kb5n5v56zmaj3s3cndzc34eb4rb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%26client%3Dca-pub-1983042674979462%26adurl%3D
Frame ID: 033DDF6AF734390368D5A5758C38DD5F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: D60FE8C7EB39967CB6EB6FF48083D25C
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BCF2A0C4E522FD2FC5BC5348FF7DF50E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 19E89C898C4604DCA1493CB713F09487
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6EDF8AEC7B9EE3DDB609BB15827190E2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6DCA6E18B748A3552802BE58955EF748
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CE1E5A012B28FD7648DA8F988F61B3C6
Requests: 2 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1j4rmgzn4wmb869fz3cz6he081fhztatzqws4m6t53x3qp9gd4px31bcywfhzzay5s1690acftmgwvrhn79495jtwhtka7v2xcb8f6pzwhq1yhmm7medcsxnncscyp0ktnfv6awkcswcz31qy3w307sw6td57z4c88gh136f76vwwnbc46f1c6mfjam2ch20gdqwt5d13y0p5tfpf3zbacbnngcqg41rn4h8snhm0nh6nxft3erfz35p97kzg7ncev7804k02pdax1pz9e1afnq748v9a6d72tw5bjak44qsb001502jvkes4zzbejj6wxq199h8ec9dj06wph5z5ampkw4pvg3w4k446cb2wb6mebbtacbrk5nt6ekdvmgspz8hzfhj6vnjrvwqjttrd1t8qfa6dh4kq7khydj0epq3ms89b1q3m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Frame ID: 632240A9F20DCAF8A125F858C4503276
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: 040E37EF3781CC4C00CCB2722FE4CA89
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 346C71752BF02E9AB1FE32AD1D87F95A
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 3827A73AB99B34E6642E5FFC9B738467
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gavbacjakkvr7pafnbr78zwpjeda4b1x0hgbscc87rfkctvmp95t0m1467vjh12xdx4xnz00ftbrxf143mxfa6tq51kfzt8pp4nt7hevmbs62t51mh271mdd4abd7f2d7jdwemb51jsjk64q5m2qfp7r1437scatnwyh4y2vx2vg0kas0kcxt2wfcjr1z2p9n57v8c0myt0b6nfyhdfhyr228f88mhxb49ba3q0rzbyszz8h0xjz397y8nb6d1x72b5s0bxe5h2yh0q41t1jtz5mvc3zcgjfkp5prcpdrd46b2rxyamk7qdb8jxmta76thww7xw0akdzc4zjqw4d2b7mrakxcbz3t9vct8t59zbryfwz91x5m31cgnpmncjq6vjd1dtxp8wd9xrxmt8qwwmk6pbc8z7qrzc3gs796dndcnvwg9ce&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%26client%3Dca-pub-1983042674979462%26adurl%3D
Frame ID: 56162211CA4B65D3CC82249AD4826A06
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js
Frame ID: A5D88C4ADC70BE2BCCFF3EFB9962F008
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 85F9B9ACF6BDB3889272A9C55BFB3A82
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: DCAE375B093D88137819CE21CF850632
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: B4F3A52BD28CEE6D44B650D49788373A
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 8D2CDF7FB3D870C3D17BB6BE33BBC6B1
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 96916B16C7C859E4FB5D5EFD5E425A4C
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Frame ID: 9DCF4DD5B3A16C751A7BCA44384519BE
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Frame ID: 2A0C6DFFC7D4620333A77F4A62740A2F
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Frame ID: 645EE6B137CCC4B780E0A8B1ACF7B6AD
Requests: 11 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Frame ID: 9F127BCCA56B3C5176A7BCF8AC7C9681
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Frame ID: FB8ACC242B2ED3FF31533357F1EBC644
Requests: 14 HTTP requests in this frame

Frame: https://tsdtocl.com/
Frame ID: 165028B742DF53F6241DADC7710562F7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

今日俾個職員叫我去石門拎學生證 | LIHKG

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

435
Requests

91 %
HTTPS

43 %
IPv6

52
Domains

79
Subdomains

51
IPs

11
Countries

8831 kB
Transfer

21164 kB
Size

51
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://lih.kg/kdimBT
Title: https://lih.kg/kdimBT

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/hk/app/id1178373396

Search URL Search Domain Scan URL

URL: https://market.android.com/details?id=com.lihkg.app

Search URL Search Domain Scan URL

URL: https://fb.me/lihkg.forum

Search URL Search Domain Scan URL

URL: https://instagr.am/lihkg.forum

Search URL Search Domain Scan URL

URL: https://twitter.com/lihkg_forum

Search URL Search Domain Scan URL

URL: https://help.lihkg.com/tnc
Title: 使用條款及免責聲明

Search URL Search Domain Scan URL

URL: https://help.lihkg.com/privacy/policy/
Title: 私隱政策

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://lihkg.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js

Request Chain 32

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Request Chain 63

https://gum.criteo.com/sid/json?origin=publishertagids&domain=lihkg.com&sn=ChromeSyncframe&so=0&topUrl=lihkg.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=15KwQXwzUkdITERuemlxcFdMRURNanNpNU03aS95S0x5T2l3b3lUVkpQSDNxNnFQOUtZellvWU9DTG5rKytLbWR2RzdTRk82amEvaS9GemxPUGFaZm1SUjlSWTUwa0hsMXg3QnRoMitRNVk2Q1JLbVF1MUl1anNMbm4wVGtZTTkvVXhHaEhyMXRTMDFUdkV1N0hsemtJQlkwMzVDOGJUcnBBTzFtZGlJVEM2ZGc4QU5ZSjhHVVk4SFZaSW4xTzJhZ09UcklsOWhMeWE0NWJoejVmSGwxQmsyaXFtQ2FzNE5DOXNzWitSaHlJZkhXWUYvV2xEMkRqdVBzaCtiL2w5OHh6VXNQWSt6RGt2bXp3YUdvNTFoL1FiSENVUT09fA&cppv=2

Request Chain 66

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Request Chain 72

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Request Chain 77

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Request Chain 79

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=K6wExK0eDRGYtgyUanPuZA

Request Chain 85

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=1298467582&pi=t.ma~as.9106605872%2F55213981_&w=320&lmt=1693341513&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&region=16933487131447980&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348713206&bpp=5&bdt=1189&idt=330&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&correlator=6316771326656&frm=20&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348714&ga_hid=705413750&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=627&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076839%2C31077323%2C44798934%2C31077504&oid=2&pvsid=4485397768541698&tmod=1179280563&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=ib9QXAxKeo&p=https%3A//lihkg.com&dtd=345 HTTP 302
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Request Chain 92

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=2648010310&pi=t.ma~as.9106605872%2F55213981_&w=320&lmt=1693341513&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&region=16933487131444240&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348713211&bpp=1&bdt=1194&idt=372&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&correlator=6316771326656&frm=20&pv=1&ga_vid=544351479.1693348713&ga_sid=1693348714&ga_hid=705413750&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=627&ady=2226&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076839%2C31077323%2C44798934%2C31077504&oid=2&pvsid=4485397768541698&tmod=1179280563&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=7xSEeniUoo&p=https%3A//lihkg.com&dtd=375 HTTP 302
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Request Chain 93

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=906640938&pi=t.ma~as.9106605872%2F55213981_&w=320&lmt=1693341513&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&region=16933487131449644&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348713212&bpp=1&bdt=1195&idt=383&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&correlator=6316771326656&frm=20&pv=1&ga_vid=544351479.1693348713&ga_sid=1693348714&ga_hid=705413750&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=627&ady=3360&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076839%2C31077323%2C44798934%2C31077504&oid=2&pvsid=4485397768541698&tmod=1179280563&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=HIE0CkN96P&p=https%3A//lihkg.com&dtd=388 HTTP 302
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Request Chain 195

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELBsTht4AKMC4EgjmTEFTGU&google_cver=1&google_push=AXcoOmSpVcsGmrkSKteLiN-2L26xWZfzJ49p2x3dWbRv66HSsaB3O7Gk6SbS0_tTFheMFUNmKknife1JDlGzOnluKO8rxTqA1dh5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSpVcsGmrkSKteLiN-2L26xWZfzJ49p2x3dWbRv66HSsaB3O7Gk6SbS0_tTFheMFUNmKknife1JDlGzOnluKO8rxTqA1dh5&google_hm=t7s2po5uSxSAZje5MNjfUsE

Request Chain 196

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRRKqTuQufAQ2D9HYjI6VI&google_cver=1&google_push=AXcoOmRyGvO_6sSPOPKJ6MXejeKkQ_E7MqNCV3wRbdppyExyO0rzWf2RdJY1i3A5qa3jAHs8jVaC9ySJBAT9ywvr1-cdl8OHZ6_R HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRRKqTuQufAQ2D9HYjI6VI&google_cver=1&google_push=AXcoOmRyGvO_6sSPOPKJ6MXejeKkQ_E7MqNCV3wRbdppyExyO0rzWf2RdJY1i3A5qa3jAHs8jVaC9ySJBAT9ywvr1-cdl8OHZ6_R HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzY5NTMwNzY4MDA1ODQ5MTE5&google_push=AXcoOmRyGvO_6sSPOPKJ6MXejeKkQ_E7MqNCV3wRbdppyExyO0rzWf2RdJY1i3A5qa3jAHs8jVaC9ySJBAT9ywvr1-cdl8OHZ6_R

Request Chain 197

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRRKqTuQufAQ2D9HYjI6VI&google_cver=1&google_push=AXcoOmR6Y6nZjxJvBbtz9OCjbkgg9kKzu0QoaG4_k4YJk1D2ytQ7MIY5UozaRaqBffzAEUSWGm_qz2EFKUnO8Tr0ECo1NOlMmY8B HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRRKqTuQufAQ2D9HYjI6VI&google_cver=1&google_push=AXcoOmR6Y6nZjxJvBbtz9OCjbkgg9kKzu0QoaG4_k4YJk1D2ytQ7MIY5UozaRaqBffzAEUSWGm_qz2EFKUnO8Tr0ECo1NOlMmY8B HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY5MTU0NzMxNzMyMTA3MTAzNw&google_push=AXcoOmR6Y6nZjxJvBbtz9OCjbkgg9kKzu0QoaG4_k4YJk1D2ytQ7MIY5UozaRaqBffzAEUSWGm_qz2EFKUnO8Tr0ECo1NOlMmY8B

Request Chain 198

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELGdTBOhHrKu9jF-QqRwjD8&google_cver=1&google_push=AXcoOmQEXXK0VQbt4DlS4aMVZ1GxO2PhWUbLUzXTWoP8a2XhwDQ_dc0e2VyLhF9fINmO8z4Hp3FH7ucqnJJlbDCBwgJV0J0L2cY8 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELGdTBOhHrKu9jF-QqRwjD8&google_cver=1&google_push=AXcoOmQEXXK0VQbt4DlS4aMVZ1GxO2PhWUbLUzXTWoP8a2XhwDQ_dc0e2VyLhF9fINmO8z4Hp3FH7ucqnJJlbDCBwgJV0J0L2cY8&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQEXXK0VQbt4DlS4aMVZ1GxO2PhWUbLUzXTWoP8a2XhwDQ_dc0e2VyLhF9fINmO8z4Hp3FH7ucqnJJlbDCBwgJV0J0L2cY8&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj

Request Chain 199

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP5c4n24kGJeA_HW2lTbldo&google_cver=1&google_push=AXcoOmShxO5i2SEh_UKudYa31TP13Af6UwEiqJBMPWFdP_rZlKwxGQMfXrkNHkCqTMk8AkW9uPC7srmQpomWTvVy3VjWAcQ0Ddk HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmShxO5i2SEh_UKudYa31TP13Af6UwEiqJBMPWFdP_rZlKwxGQMfXrkNHkCqTMk8AkW9uPC7srmQpomWTvVy3VjWAcQ0Ddk&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1693348715321 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-294a25be-2f74-4765-893e-27e2436947c7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmShxO5i2SEh_UKudYa31TP13Af6UwEiqJBMPWFdP_rZlKwxGQMfXrkNHkCqTMk8AkW9uPC7srmQpomWTvVy3VjWAcQ0Ddk%26google_hm%3DAylKJb4vdEdliT4n4kNpR8c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmShxO5i2SEh_UKudYa31TP13Af6UwEiqJBMPWFdP_rZlKwxGQMfXrkNHkCqTMk8AkW9uPC7srmQpomWTvVy3VjWAcQ0Ddk&google_hm=AylKJb4vdEdliT4n4kNpR8c

Request Chain 200

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE0hiwY0KTwh-stLpSXDr3o&google_cver=1&google_push=AXcoOmQCvSj3RFnlyYutDXuZPz9FgAbfItBpFfzONJy3qU51oHwYLS4OReKdpu6cR1S8SOGL8rSaVLzIQ1IY5uq31Qm9kqK8d_l- HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQCvSj3RFnlyYutDXuZPz9FgAbfItBpFfzONJy3qU51oHwYLS4OReKdpu6cR1S8SOGL8rSaVLzIQ1IY5uq31Qm9kqK8d_l-&google_gid=CAESEE0hiwY0KTwh-stLpSXDr3o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ2MzM2Mjk0NjYwODA4OTY0NTc2NQ%3D%3D&google_push=AXcoOmQCvSj3RFnlyYutDXuZPz9FgAbfItBpFfzONJy3qU51oHwYLS4OReKdpu6cR1S8SOGL8rSaVLzIQ1IY5uq31Qm9kqK8d_l-

Request Chain 216

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMwcWcw75zeLYj2cKJTPtlE&google_cver=1&google_push=AXcoOmSrI3VoU3kX0aJ7JmRLB54bSBQJKbOAWssZBZEYAKZSRKH01ba2OaiDh_6kZ5_M8mcAN81ntrBBhihaRKeu4dWpU9ojL9k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSrI3VoU3kX0aJ7JmRLB54bSBQJKbOAWssZBZEYAKZSRKH01ba2OaiDh_6kZ5_M8mcAN81ntrBBhihaRKeu4dWpU9ojL9k&google_hm=eS1UQVN0T0E5RTJwR0tabjFvOWExR3pLWFBIV3VZMzRobn5B

Request Chain 217

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSyelqP7qxCTw1Rk2kx52mfqYb5MjumKeLmy_vkEqTCYxi0HadJYhRjp3_XVHR_VcfRoTM2TYMR0t2TxpyqaKQxboc1V9E&google_gid=CAESEKJsQP5PnRe81DZyw-AiHiY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BXzLcbdue1IAJ-BQeLe6ATQonyU7Q6QyJRF-8g&google_push=AXcoOmSyelqP7qxCTw1Rk2kx52mfqYb5MjumKeLmy_vkEqTCYxi0HadJYhRjp3_XVHR_VcfRoTM2TYMR0t2TxpyqaKQxboc1V9E

Request Chain 218

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJnTpPN66HzEJKPgt-DcVh8&google_cver=1&google_push=AXcoOmQ8IBvck2ZWB0qQNPoxc59hN0uZ9nLgYW-hHDdc-Zlkrz0hezpE8oAAfO0fsddGy1ntoVcx48qhAjj99DfNsVRNa65QHSM HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJnTpPN66HzEJKPgt-DcVh8&google_push=AXcoOmQ8IBvck2ZWB0qQNPoxc59hN0uZ9nLgYW-hHDdc-Zlkrz0hezpE8oAAfO0fsddGy1ntoVcx48qhAjj99DfNsVRNa65QHSM&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJnTpPN66HzEJKPgt-DcVh8&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmQ8IBvck2ZWB0qQNPoxc59hN0uZ9nLgYW-hHDdc-Zlkrz0hezpE8oAAfO0fsddGy1ntoVcx48qhAjj99DfNsVRNa65QHSM

Request Chain 219

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFYQistJDS9mJTLFD82lEPo&google_cver=1&google_push=AXcoOmTZMQWpfWG-NFlLBwrpsLhoQvOfYytcW9g3DpH-_ixFdfNCptUE8HMGm9n293RupCC_IkFqO4CJvlJS5Y3K8YUv4zl2pSM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmTZMQWpfWG-NFlLBwrpsLhoQvOfYytcW9g3DpH-_ixFdfNCptUE8HMGm9n293RupCC_IkFqO4CJvlJS5Y3K8YUv4zl2pSM

Request Chain 220

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKKB_FCJWsqnCpCnC58_QzA&google_cver=1&google_push=AXcoOmT80nHw3LU8VsQTEJgbOqMpt5-7lnXmv2PNBam2cLf-xPkYtPL3PCo0Skg6Abr0Z46pczUJY1-i_GYpBKiH0vcKic-2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT80nHw3LU8VsQTEJgbOqMpt5-7lnXmv2PNBam2cLf-xPkYtPL3PCo0Skg6Abr0Z46pczUJY1-i_GYpBKiH0vcKic-2

Request Chain 221

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGiX-4Bo1WKbeKtZaduv1ho&google_cver=1&google_push=AXcoOmSueA5Eb_2KycWBmqZvUrHeMNrG8XAIk062W_CN1EhkLouABOyZtzTg_3SgGxT7TADak9Oka6E4BJo74vIHCvEvHGSYNL31 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSueA5Eb_2KycWBmqZvUrHeMNrG8XAIk062W_CN1EhkLouABOyZtzTg_3SgGxT7TADak9Oka6E4BJo74vIHCvEvHGSYNL31 HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 244

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ9UvU9F-EA9858W_T8HuY4&google_cver=1&google_push=AXcoOmTZyyvyYE9gtN21i1_7HD-Mf5RFImAPZGpgrgixYbkk61EYfbIExxP-68Fk9vnny4fYFpE02fP55OuRj59hmhf8ASsIu8c HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTZyyvyYE9gtN21i1_7HD-Mf5RFImAPZGpgrgixYbkk61EYfbIExxP-68Fk9vnny4fYFpE02fP55OuRj59hmhf8ASsIu8c

Request Chain 245

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDjb0fEUvEYLje9E4oYq4OQ&google_cver=1&google_push=AXcoOmQd0jyycljAJnyHD9M00Bvxcw_8fLQnHSil0WNV7ZHyyXo8ENjxRBmHLMGAibT8vykVQ1PI0l2Eo4lrDGmpbzs16XAO29s HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDjb0fEUvEYLje9E4oYq4OQ&google_cver=1&google_push=AXcoOmQd0jyycljAJnyHD9M00Bvxcw_8fLQnHSil0WNV7ZHyyXo8ENjxRBmHLMGAibT8vykVQ1PI0l2Eo4lrDGmpbzs16XAO29s&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jmPyxWXSSISeIjPLq6Hy1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQd0jyycljAJnyHD9M00Bvxcw_8fLQnHSil0WNV7ZHyyXo8ENjxRBmHLMGAibT8vykVQ1PI0l2Eo4lrDGmpbzs16XAO29s

Request Chain 246

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4CXrRdYkK1OhwYuvSeEdw&google_cver=1&google_push=AXcoOmTGjtZzcAj00Y8w0MSuKOHkTz1Wa3Txg8qVcdxnzpiwxre9_wA-CTDQx3UL-W7nMi2G5kNzZnl4DJwJtUhRGQkW3gu4RCI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExXVzNSOVEtMUQtNUdRNw==&google_push=AXcoOmTGjtZzcAj00Y8w0MSuKOHkTz1Wa3Txg8qVcdxnzpiwxre9_wA-CTDQx3UL-W7nMi2G5kNzZnl4DJwJtUhRGQkW3gu4RCI

Request Chain 247

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDo5i6jFzm1dN3VMu6VrKTs&google_cver=1&google_push=AXcoOmQeDFzyvXPKZoXsrN5Qf34uqprR56TgJL2-YqxTE2WsgcCDFgMeefGLUNy0i9hUKIrhk-mCQt93aM42CX16T6wrjbN98y0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDo5i6jFzm1dN3VMu6VrKTs&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmQeDFzyvXPKZoXsrN5Qf34uqprR56TgJL2-YqxTE2WsgcCDFgMeefGLUNy0i9hUKIrhk-mCQt93aM42CX16T6wrjbN98y0

Request Chain 248

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMJpglaX2_mdAEMz0e_bkw0&google_cver=1&google_push=AXcoOmQWcgjQW5_GCeqfq4gb6hB0BwUgfwPcRTJ2YJZORsqdA2OefKDSWA8tctm-JFxruivSQWwzsXvxE8kwvXAnYnFA9lOlHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQWcgjQW5_GCeqfq4gb6hB0BwUgfwPcRTJ2YJZORsqdA2OefKDSWA8tctm-JFxruivSQWwzsXvxE8kwvXAnYnFA9lOlHg

Request Chain 261

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEH4pOds-qWOQr8q1oOgL7cA&google_cver=1&google_push=AXcoOmT8U-Auqz75p1yTzWkSNmiBbLWgGusdslgcoOewUun3Tk1lzlT1ut-p2s0IKFBJIUITECkpXkSkA--U5uUEfNch_bAAf9RCYw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8U-Auqz75p1yTzWkSNmiBbLWgGusdslgcoOewUun3Tk1lzlT1ut-p2s0IKFBJIUITECkpXkSkA--U5uUEfNch_bAAf9RCYw&google_hm=t7s2po5uSxSAZje5MNjfUsE

Request Chain 263

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDEscbfENiE1ONooRS7z1FQ&google_cver=1&google_push=AXcoOmSSLcuD91mtnQxsJ4TZ7CVXD1wzpydir6Whb06bN0U5H0S0woq4MeSLjnfY4QdkRb3f81IaEPLdWyUs0-jVycIbFHHDJXAr HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDEscbfENiE1ONooRS7z1FQ&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmSSLcuD91mtnQxsJ4TZ7CVXD1wzpydir6Whb06bN0U5H0S0woq4MeSLjnfY4QdkRb3f81IaEPLdWyUs0-jVycIbFHHDJXAr

Request Chain 264

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDXzJvGvY6DSSpd84VQ9Z5Y&google_cver=1&google_push=AXcoOmT7XRdvNtb0ARsrTIuKbr1AfSts7woiBcYruXXPqYynNViY6CvI_56MOXaIp4S3Q5s4_jcyBoqxTY8iSmC6BRkfea5Hg1MM4Q HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT7XRdvNtb0ARsrTIuKbr1AfSts7woiBcYruXXPqYynNViY6CvI_56MOXaIp4S3Q5s4_jcyBoqxTY8iSmC6BRkfea5Hg1MM4Q&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj

Request Chain 265

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF43OVVtVXXYzjhdr0ypteQ&google_cver=1&google_push=AXcoOmSqOz6ArdJwps4rOuYBcKKXCv6DZ9MuKSQ0fIKP2z5yaZZJ-38rGLbhXEBqj4BPZW9dvr4o9zJ729oDDJg7EPih7ywduD9- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmSqOz6ArdJwps4rOuYBcKKXCv6DZ9MuKSQ0fIKP2z5yaZZJ-38rGLbhXEBqj4BPZW9dvr4o9zJ729oDDJg7EPih7ywduD9-

Request Chain 278

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELc8u5EK5mYFm4tqzNAjoOs&google_cver=1&google_push=AXcoOmS8149BVggWPh8groS61IIy_Qgcnba5XlEsZlk1LV8xgW5HEm1ivKD6lN3ATQjReJV1LZQ6cMQ9IdK6dfL50PxjWdZPCF8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jmPyxWXSSISeIjPLq6Hy1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS8149BVggWPh8groS61IIy_Qgcnba5XlEsZlk1LV8xgW5HEm1ivKD6lN3ATQjReJV1LZQ6cMQ9IdK6dfL50PxjWdZPCF8

Request Chain 279

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGS3_6ka_qDmculj-T6qnyE&google_cver=1&google_push=AXcoOmTy6_HPDHsKFoGxR3dkpXWa5ysIQSQayWBNnp41dlwl6Ldjeh-cmetdmvLTdc-KcPVQms_GmX08IXhQTCNk6V5mP61I_0Pn HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTy6_HPDHsKFoGxR3dkpXWa5ysIQSQayWBNnp41dlwl6Ldjeh-cmetdmvLTdc-KcPVQms_GmX08IXhQTCNk6V5mP61I_0Pn&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj

Request Chain 280

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJua-_KjBtpA90hDoxRX9w8&google_cver=1&google_push=AXcoOmSeLmgCDjghW0CJfrEShMT0rtcHLGWH9xeWkamQZybXKXI6L0GXggmObHfPLnvOIaP3Dzy-sZaLizrZ4HvCpR_7jyYur8fc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSeLmgCDjghW0CJfrEShMT0rtcHLGWH9xeWkamQZybXKXI6L0GXggmObHfPLnvOIaP3Dzy-sZaLizrZ4HvCpR_7jyYur8fc

Request Chain 320

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1693348716_cac1f990-46bc-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 323

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLOy5sX3goEDFXTFuwgdl0IPlg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023083000383688402417877X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023083000383688402417877X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 326

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLm05sX3goEDFXPKuwgdnHMJ7A;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D113752V1225131106M%26subid%3Dviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023083000383688402417871X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

Request Chain 331

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1693348716_cac024d0-46bc-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=

Request Chain 334

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CL635sX3goEDFeyR_QcdeiEJdg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3DviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023083000383688402417875X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023083000383688402417875X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218

Request Chain 337

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CIu45sX3goEDFXif_QcdBVQGcw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117663V1225131106M%26subid%3Dviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023083000383688402417873X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0

435 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 2 Show response
lihkg.com/thread/3470022/page/ 4 KB
3 KB 217ms
182ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97fb2299b75200fb946cb3995dbce86e17bf10e9e0f766d3c85515b553c0d425

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe848e8fdb64d22-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 29 Aug 2023 22:38:32 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 style.css
cdn.lihkg.com/assets/web/ 5 KB
1 KB 56ms
38ms Stylesheet
text/css 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/assets/web/style.css?ver=13032023

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80049bc10543e0e2fe1fc1b66570855de11c11da2023d5a914c57330d0188ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 542004
cf-polished: origSize=6395
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Mar 2023 10:32:06 GMT
server: cloudflare
etag: W/"640efba6-18fb"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fe848ea38134d22-FRA
expires: Wed, 28 Aug 2024 22:38:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 244ms
138ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65ded88113cbcb48c6bb2d842e5ff567e268950c28d1febd84250861259f05a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28984
x-xss-protection: 0
server: cafe
etag: 718 / 19598 / m202308240101 / config-hash: 3287751012361123362
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:32 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 186ms
92ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cea7ae02e7840360a93a404591b9bc1e443000c0ac24f125382ef9ef74e9b7d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51122
x-xss-protection: 0
server: cafe
etag: 11714213477340992855
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
76 KB 144ms
50ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e64391beb64b40e6e8dd6e808711202e4b4d425a1f1e32ae5f95bb2c5802e2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77794
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 22:38:32 GMT

GET
H2 200 prebid7.51.0.js Show response
cdn.lihkg.com/assets/js/ 251 KB
78 KB 59ms
43ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/assets/js/prebid7.51.0.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1962687
cf-polished: origSize=257341
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 11:40:42 GMT
server: cloudflare
etag: W/"64709aba-3ed3d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 7fe848ea38184d22-FRA
expires: Wed, 30 Aug 2023 10:38:32 GMT

GET
H2 200 asyncjs.php Show response
adv.lihkg.com/www/delivery/ 4 KB
2 KB 221ms
209ms Script
text/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adv.lihkg.com/www/delivery/asyncjs.php

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d533fa3a32a5a67dc45519a85bc430007e3c68bde21d01c5e67c2c8b3d4d2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://lihkg.com
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
x-turbo-charged-by: LiteSpeed
expire: Tue, 29 Aug 2023 23:38:32 GMT
cf-ray: 7fe848ea380d4d22-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 misc.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 3 KB
1 KB 42ms
25ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/misc.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebda714b0960b486684f8e18052d2eb1a7afb14dd5d1d87ebf705c1c4af06eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1962687
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-a61"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fe848ea38144d22-FRA
expires: Wed, 28 Aug 2024 22:38:32 GMT

GET
H2 200 styles.chunk.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 27 KB
16 KB 41ms
24ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/styles.chunk.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a461002f77d83338ab9aafd8bfd8cb6275f8f6af2ea6a4f8c040d2aad2130f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1962687
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-6a36"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fe848ea38174d22-FRA
expires: Wed, 28 Aug 2024 22:38:32 GMT

GET
H2 200 main.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 3 MB
784 KB 67ms
50ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08db44d1b93268a2f3b72a2af31bcf207d87714f0f766792c49ed4ccdd2a0e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1962687
cf-polished: origSize=2870133
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-2bcb75"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fe848ea38164d22-FRA
expires: Wed, 28 Aug 2024 22:38:32 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 85ms
56ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://lihkg.com/
Origin: https://lihkg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7fe848ea58e79214-FRA

GET
H2 200 styles.css
cdn.lihkg.com/static/2307045067-knk8z/css/ 179 KB
40 KB 42ms
40ms Stylesheet
text/css 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/misc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4911d1cc42e734d7ff839ebecc749804c1fb675f2bd496074c87c32429e17b3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1962685
cf-polished: origSize=184017
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-2ced1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fe848eaa9484d22-FRA
expires: Wed, 28 Aug 2024 22:38:32 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 42ms
15ms XHR
application/json 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230830

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32eae5ac37a6fa422532679db09a5ba09e1fb0559d191208ff1babbc1be1fe7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 23863
x-jsd-version: 1.0.1797
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"63d-y0xnGXM1F02SZhtv2ffvvco9+hE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLz5UhzncUQAKudbYBT9QhkWgutK4MuYR0bUj%2FD9LzcvPCp%2BvbPwg6jueROuqB6UfMmqhqOs13B3tPaj0E8PZHgHxzvFZoFOuMqHKDNe%2BKmRhf0WZ5v3StYzzr7f4vnXJO4KOi7mtCwFr09eor4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7fe848eaeb791da0-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
917 B 126ms
46ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu+Mono

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c25d5a361bff658ecdce364861744ffa447830da7d5fed134b43158fe456b04f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 29 Aug 2023 22:38:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 29 Aug 2023 21:28:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 29 Aug 2023 22:38:32 GMT

GET
H3 200 property Show response
lihkg.com/api_v2/system/ 51 KB
3 KB 221ms
221ms XHR
application/json 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/api_v2/system/property

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fc31ae56768311960d7d5f2d67d853598c06f1982017f1091a01a5e099840ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
X-LI-LOAD-TIME: 5.14565705
Referer: https://lihkg.com/thread/3470022/page/2
accept-language: de-DE,de;q=0.9
X-LI-DEVICE-TYPE: browser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
X-LI-DEVICE: 02ac077723fadcb83d415ca9e98bdb464a0dd925

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=utf-8
li-node: AWS8
cf-ray: 7fe848ec1bb418d4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

invisible.js Show response
lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/ Frame 4E55
Redirect Chain

https://lihkg.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js

7 KB
3 KB

24ms
24ms

Script
application/javascript

2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3470022/page/2

Protocol

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c31afb6037395b532b8ba67c8d63d467893e5d4d57521ea21d5899e7f9faeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7fe848ecbc5518d4-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/be88c2a1/invisible.js
cache-control: max-age=300, public
cf-ray: 7fe848ec6bfc18d4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/ 404 KB
127 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 17:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18856
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129934
x-xss-protection: 0
server: cafe
etag: 17007686020673988365
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 28 Aug 2024 17:24:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/ Frame DF3C 10 KB
5 KB 115ms
35ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230828/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 16626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 18:01:26 GMT
etag: 9878862242593084568
expires: Tue, 12 Sep 2023 18:01:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 7fe848e8fdb64d22 Show response
lihkg.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 4E55 0
303 B 34ms
34ms XHR
text/plain 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/cdn-cgi/challenge-platform/h/b/jsd/r/7fe848e8fdb64d22

Requested by

Host: lihkg.com
URL: https://lihkg.com/cdn-cgi/challenge-platform/scripts/invisible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 7fe848edbd4718d4-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 11.chunk.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 29 KB
9 KB 42ms
42ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/11.chunk.js

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4d609b5c3a5aec790f8937ce65e69f35303ddbe39cf3588af7bed8ed2a437e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37101
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-758d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fe848eded6e18d4-FRA
expires: Wed, 28 Aug 2024 22:38:32 GMT

GET
H3 200 21.chunk.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 32 KB
11 KB 37ms
37ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/21.chunk.js

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b79061721d5bff6017244edfae8d759856428814d3e0a5c96ddf81c62fc1a778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 37101
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-813d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fe848eded7618d4-FRA
expires: Wed, 28 Aug 2024 22:38:32 GMT

GET
H3 200 8.chunk.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 3 KB
1 KB 39ms
39ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/8.chunk.js

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e2294df57e775b3da8a4dfeaf427c81efa2a05f808229fcdd4f12646d8a2c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 35673
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-b00"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7fe848edfd8c18d4-FRA
expires: Wed, 28 Aug 2024 22:38:32 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a40bc7c42a924ebfb7c0bc286872aca8d62d090c27977c8f216306a521369828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 licon.woff2
cdn.lihkg.com/assets/web/fonts/ 14 KB
14 KB 53ms
36ms Font
application/octet-stream 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/assets/web/fonts/licon.woff2?2spcxh

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/web/style.css?ver=13032023

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1a46106fd1a1ddf039f102e746861c90f6da3b4065aa901362503654335467

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.lihkg.com/assets/web/style.css?ver=13032023
Origin: https://lihkg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
accept-language: bytes
age: 1672883
alt-svc: h3=":443"; ma=86400
content-length: 13916
last-modified: Mon, 13 Mar 2023 10:32:06 GMT
server: cloudflare
etag: "640efba6-365c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7fe848ee2d784d31-FRA
expires: Wed, 28 Aug 2024 22:38:32 GMT

GET
H3 200 2 Show response
lihkg.com/api_v2/thread/3470022/page/ 42 KB
4 KB 418ms
418ms XHR
application/json 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/api_v2/thread/3470022/page/2?order=reply_time

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b22bd988460b49f00b4eaf0cd7671c7e3bf23ce1e3d015e5163fdc8de80073d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
X-LI-LOAD-TIME: 6.1310464
Referer: https://lihkg.com/thread/3470022/page/2
accept-language: de-DE,de;q=0.9
X-LI-DEVICE-TYPE: browser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
X-LI-DEVICE: 02ac077723fadcb83d415ca9e98bdb464a0dd925

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=utf-8
li-node: AWS7
cf-ray: 7fe848ee4dcd18d4-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
lihkg.com/cdn-cgi/ 0
137 B 20ms
19ms XHR
text/plain 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lihkg.com/thread/3470022/page/2
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
content-type: application/json

Response headers

date: Tue, 29 Aug 2023 22:38:32 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://lihkg.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7fe848eeee6718d4-FRA

GET
H2 200 prebid Show response
pb.lihkg.com/ Frame EBC7 5 KB
2 KB 221ms
198ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f15e114d22-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:33 GMT
expires: Tue, 29 Aug 2023 23:08:33 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 prebid Show response
pb.lihkg.com/ Frame E52B 5 KB
2 KB 226ms
204ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f15e164d22-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:33 GMT
expires: Tue, 29 Aug 2023 23:08:33 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 prebid Show response
pb.lihkg.com/ Frame DBCC 5 KB
2 KB 216ms
195ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f15e134d22-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:33 GMT
expires: Tue, 29 Aug 2023 23:08:33 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 prebid Show response
pb.lihkg.com/ Frame 2D3F 5 KB
2 KB 212ms
193ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f15e124d22-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:33 GMT
expires: Tue, 29 Aug 2023 23:08:33 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 prebid Show response
pb.lihkg.com/ Frame 4A11 5 KB
2 KB 243ms
225ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f15e194d22-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:33 GMT
expires: Tue, 29 Aug 2023 23:08:33 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 f5-sprite.png
cdn.lihkg.com/static/2307045067-knk8z/media/ 10 KB
11 KB 34ms
33ms Image
image/webp 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/media/f5-sprite.png

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f03b94344821d98d8d849415345f53de7c9eb39fe0e5b4862eb1067332d7d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35673
cf-polished: origFmt=png, origSize=11433
content-disposition: inline; filename="f5-sprite.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10656
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: "64a3fff6-2ca9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1485a18d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 f5bouncer.png
cdn.lihkg.com/static/2307045067-knk8z/media/ 10 KB
10 KB 37ms
36ms Image
image/webp 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/media/f5bouncer.png

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d18956c21464cd32c3ce93f61bbb47b3e24d58ca2680702c7c84a37cdbacc54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 35673
cf-polished: origFmt=png, origSize=11486
content-disposition: inline; filename="f5bouncer.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9858
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: "64a3fff6-2cde"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1485b18d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

POST

apnet
gocm.c.appier.net/
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

0
0

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
324 B 102ms
27ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 03bd5ebd-faa5-e3f8-7f44-9683a90f656d

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
322 B 103ms
27ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: e08ee5e9-7150-5c4a-2560-fad6c487ebf6

POST
H/1.1 204
No Content hb Show response
cpm.bidmyqps.xyz/ 0
256 B 80ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by: Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 22:38:33 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://lihkg.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
171 B 412ms
104ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&gpid=%2F244621734%2Fprebid-post&eids=&pubcid=3f76b50a-84bf-4a17-a695-0611f10c5efa&u=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&host=lihkg.com&w=336&h=280
Requested by: Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://lihkg.com
Date: Tue, 29 Aug 2023 22:38:33 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/ 384 KB
130 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=lihkg.com&bust=31077504

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d4f0f7bb1f66ca7fb98c64114528a54eded29040c5f08cd9ebfd0540a0e72fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133273
x-xss-protection: 0
server: cafe
etag: 4649881636296904797
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:33 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 203 KB
73 KB 53ms
52ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-L8WS4GS6YR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cfad31e954fbffb335d93c5ec79e1ed99cc805e6b17727be6312445a653d04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74936
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 29 Aug 2023 22:38:33 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 49ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PPY9Z37CCJ&gtm=45je38n0&_p=705413750&_gaz=1&cid=544351479.1693348713&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fthread%2F3470022%2F&sid=1693348713&sct=1&seg=0&dl=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&dt=%233470022%23%E4%BB%8A%E6%97%A5%E4%BF%BE%E5%80%8B%E8%81%B7%E5%93%A1%E5%8F%AB%E6%88%91%E5%8E%BB%E7%9F%B3%E9%96%80%E6%8B%8E%E5%AD%B8%E7%94%9F%E8%AD%89&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&upn.darkMode=1&upn.splitMode=1&upn.staticIcons=0&upn.limitContainerSize=1&upn.isLoggedIn=0&upn.officeMode=0&upn.fakeOfficeMode=0&up.cat_id_19_thread_id=3470022&up.thread_id=3470022
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lihkg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
241 B 69ms
18ms Ping
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PPY9Z37CCJ&cid=544351479.1693348713&gtm=45je38n0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lihkg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 clown.gif
cdn.lihkg.com/assets/faces/normal/ 179 B
480 B 27ms
26ms Image
image/gif 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/clown.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed2a584ee1368ea53d5ad19adcf8bd9aa9d260d1489a41f9ddcac11db82a4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
accept-language: bytes
age: 1159639
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 179
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-b3"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8c418d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 26.png
cdn.lihkg.com/assets/faces/lomoji/ 2 KB
3 KB 39ms
37ms Image
image/webp 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/lomoji/26.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

234b2aaf46d739732c3a5ac9f9c3dceff6580cf2e083fd2f3da9336e1f4ea028

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1140605
cf-polished: origFmt=png, origSize=3303
content-disposition: inline; filename="26.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2480
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-ce7"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8c618d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 oh.gif
cdn.lihkg.com/assets/faces/normal/ 154 B
487 B 43ms
41ms Image
image/webp 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/oh.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9fe05682e0c0cc50e80b740cc4b65e85d51176d2d422cdc3062228b820f3030

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
accept-language: bytes
age: 1132739
cf-polished: origFmt=gif, origSize=171
content-disposition: inline; filename="oh.webp"
alt-svc: h3=":443"; ma=86400
content-length: 154
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-ab"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8c718d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 lose.gif
cdn.lihkg.com/assets/faces/cow/ 597 B
909 B 40ms
37ms Image
image/gif 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/cow/lose.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

750ef554ccd3ec1442639c002f8b5d7e0ff3037f1177ec5774d1120a60b1d6fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
accept-language: bytes
age: 1908147
cf-polished: origSize=850, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 597
cf-bgj: imgq:100,h2pri
last-modified: Fri, 09 Jun 2023 08:08:47 GMT
server: cloudflare
etag: "6482de0f-352"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8c818d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 adore.gif
cdn.lihkg.com/assets/faces/lm2/ 586 B
914 B 38ms
36ms Image
image/webp 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/lm2/adore.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a35a904ed0404b45c2d6d12069d7b567c88ca3287531385af5872c629f67b467

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1072852
cf-polished: origFmt=gif, origSize=627
content-disposition: inline; filename="adore.webp"
alt-svc: h3=":443"; ma=86400
content-length: 586
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-273"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8ca18d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 biggrin.gif
cdn.lihkg.com/assets/faces/normal/ 162 B
498 B 47ms
45ms Image
image/webp 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/biggrin.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

359bfb2022da71c6c1768306f0a10086680344c0d15bd563cd13e112e7e881f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
accept-language: bytes
age: 1120988
cf-polished: origFmt=gif, origSize=168
content-disposition: inline; filename="biggrin.webp"
alt-svc: h3=":443"; ma=86400
content-length: 162
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-a8"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8cb18d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 touch.gif
cdn.lihkg.com/assets/faces/dog/ 1 KB
2 KB 45ms
44ms Image
image/webp 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/dog/touch.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9565c2b62e4360360bbcdb71948add07b16345599cfd7d7b6b2f352a97ff81be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
accept-language: bytes
age: 995769
cf-polished: origFmt=gif, origSize=1456
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=lsVeZiGD5UHX.SD1ndz21FaQmSvyJj9PHPpfb_waCeU-1693348713-0-AVaPGmOKQqOfYsrgSTFzQ1LASqsuu9KkFmFWDRj6u1Tv5fwTnbIsLz1PPqMCReTSVtgXjrz5qJJid3ZcoCSn8qwHftjlWcv5V6DQ4nZiXhwVEPj9vVHkftsqkq4B4xd08oecJqE30zK8rRZqHDUwMY_yUygu7nRcqQ3cL3xEK2f3Odlgqxajm3LTvECCJna7Mg; report-to cf-csp-endpoint
content-disposition: inline; filename="touch.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1358
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-5b0"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=lsVeZiGD5UHX.SD1ndz21FaQmSvyJj9PHPpfb_waCeU-1693348713-0-AVaPGmOKQqOfYsrgSTFzQ1LASqsuu9KkFmFWDRj6u1Tv5fwTnbIsLz1PPqMCReTSVtgXjrz5qJJid3ZcoCSn8qwHftjlWcv5V6DQ4nZiXhwVEPj9vVHkftsqkq4B4xd08oecJqE30zK8rRZqHDUwMY_yUygu7nRcqQ3cL3xEK2f3Odlgqxajm3LTvECCJna7Mg"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8cc18d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 smile.gif
cdn.lihkg.com/assets/faces/dog/ 763 B
1 KB 46ms
44ms Image
image/gif 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/dog/smile.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

deb23b71b7aebe4ff504f8df4215ba417469dc6b8cf40f8755f1ad9657f5d43e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 905934
cf-polished: origSize=764, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 763
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-2fc"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8cd18d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 hehe.gif
cdn.lihkg.com/assets/faces/dog/ 577 B
883 B 38ms
36ms Image
image/gif 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/dog/hehe.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70c5e7e43dad82d88eb37e5a682b9c71b689b7efb05f9e58e9cebd4e5e4ba94b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1442163
cf-polished: origSize=579, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 577
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-243"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8d018d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 haha.gif
cdn.lihkg.com/assets/faces/dog/ 605 B
910 B 45ms
44ms Image
image/gif 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/dog/haha.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b009a457899d38051b66550fef78790dc412c6ee13553f4f00f49a03eb8bbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1740330
cf-polished: origSize=613, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 605
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-265"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8d118d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 agree.gif
cdn.lihkg.com/assets/faces/normal/ 875 B
1 KB 41ms
40ms Image
image/gif 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/agree.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd8ed767fc6b46b1261f9394cca7c3fcae1b16f8cf21e4fdc9a5d5ca86ee8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1159620
cf-polished: origSize=881, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 875
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-371"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7fe848f1b8d218d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 133ms
49ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PPY9Z37CCJ&cid=544351479.1693348713&gtm=45je38n0&aip=1&z=1623233749

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 category Show response
lihkg.com/api_v2/thread/ 63 KB
9 KB 641ms
640ms XHR
application/json 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/api_v2/thread/category?cat_id=19&page=1&count=60

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bbeb17cdfb305edaf4ff7dce9dd9b6957bbdca3ed8f42272d876c5dfebc913b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
X-LI-LOAD-TIME: 4.3809740
Referer: https://lihkg.com/thread/3470022/page/2
accept-language: de-DE,de;q=0.9
X-LI-DEVICE-TYPE: browser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
X-LI-DEVICE: 02ac077723fadcb83d415ca9e98bdb464a0dd925

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=utf-8
li-node: AWS3
cf-ray: 7fe848f1b8d918d4-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 43 KB
13 KB 59ms
22ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308240101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-aa04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Aug 2023 22:38:33 GMT

GET
H3 200 asyncspc.php Show response
adv.lihkg.com/www/delivery/ 417 B
614 B 543ms
543ms XHR
application/json 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adv.lihkg.com/www/delivery/asyncspc.php?zones=9&prefix=revive-0-&target=_blank&prebid=1&platform=web&theme=light&cat-id=19&sub-cat-id=0&hot=0&adu=0&member=0&loc=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2

Requested by

Host: adv.lihkg.com
URL: https://adv.lihkg.com/www/delivery/asyncjs.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

885bd0b0ae7034a353e2f41a8187ee50fb4a389885530b500e6ac7ba79a3bcfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://lihkg.com
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7fe848f1e8f318d4-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 24ms
18ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L8WS4GS6YR&gtm=45je38n0&_p=705413750&cid=544351479.1693348713&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fthread%2F3470022%2F&sid=1693348713&sct=1&seg=0&dl=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&dt=%233470022%23%E4%BB%8A%E6%97%A5%E4%BF%BE%E5%80%8B%E8%81%B7%E5%93%A1%E5%8F%AB%E6%88%91%E5%8E%BB%E7%9F%B3%E9%96%80%E6%8B%8E%E5%AD%B8%E7%94%9F%E8%AD%89&en=page_view&_fv=1&_ss=1&_ee=1&upn.darkMode=1&upn.splitMode=1&upn.staticIcons=0&upn.limitContainerSize=1&upn.isLoggedIn=0&upn.officeMode=0&upn.fakeOfficeMode=0&up.cat_id_19_thread_id=3470022&up.thread_id=3470022
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-L8WS4GS6YR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lihkg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 9BB2 15 KB
6 KB 45ms
16ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=lihkg.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:33 GMT
server: Kestrel
server-processing-duration-in-ticks: 295203
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 prebid7.51.0.js Show response
pb.lihkg.com/js/ Frame 2D3F 251 KB
78 KB 41ms
40ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/js/prebid7.51.0.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8254002
cf-polished: origSize=257341
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 09:44:34 GMT
server: cloudflare
etag: W/"3ed3d-18857721436"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7fe848f2999a18d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 prebid7.51.0.js Show response
pb.lihkg.com/js/ Frame DBCC 251 KB
78 KB 60ms
59ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/js/prebid7.51.0.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8254002
cf-polished: origSize=257341
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 09:44:34 GMT
server: cloudflare
etag: W/"3ed3d-18857721436"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7fe848f299ad18d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 prebid7.51.0.js Show response
pb.lihkg.com/js/ Frame EBC7 251 KB
78 KB 67ms
67ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/js/prebid7.51.0.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8254002
cf-polished: origSize=257341
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 09:44:34 GMT
server: cloudflare
etag: W/"3ed3d-18857721436"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7fe848f2a9b318d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 prebid7.51.0.js Show response
pb.lihkg.com/js/ Frame E52B 251 KB
78 KB 61ms
60ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/js/prebid7.51.0.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8254002
cf-polished: origSize=257341
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 09:44:34 GMT
server: cloudflare
etag: W/"3ed3d-18857721436"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7fe848f2b9c118d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H3 200 prebid7.51.0.js Show response
pb.lihkg.com/js/ Frame 4A11 251 KB
78 KB 51ms
51ms Script
application/javascript 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/js/prebid7.51.0.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8254002
cf-polished: origSize=257341
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 09:44:34 GMT
server: cloudflare
etag: W/"3ed3d-18857721436"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7fe848f2c9d418d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9BB2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=lihkg.com&sn=ChromeSyncframe&so=0&topUrl=lihkg.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=15KwQXwzUkdITERuemlxcFdMRURNanNpNU03aS95S0x5T2l3b3lUVkpQSDNxNnFQOUtZellvWU9DTG5rKytLbWR2RzdTRk82amEvaS9GemxPUGFaZm1SUjlSWTUwa0hsMXg3QnRoMitRNVk2Q1JLbVF1MUl1anNMbm4wVG...

438 B
660 B

72ms
18ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=15KwQXwzUkdITERuemlxcFdMRURNanNpNU03aS95S0x5T2l3b3lUVkpQSDNxNnFQOUtZellvWU9DTG5rKytLbWR2RzdTRk82amEvaS9GemxPUGFaZm1SUjlSWTUwa0hsMXg3QnRoMitRNVk2Q1JLbVF1MUl1anNMbm4wVGtZTTkvVXhHaEhyMXRTMDFUdkV1N0hsemtJQlkwMzVDOGJUcnBBTzFtZGlJVEM2ZGc4QU5ZSjhHVVk4SFZaSW4xTzJhZ09UcklsOWhMeWE0NWJoejVmSGwxQmsyaXFtQ2FzNE5DOXNzWitSaHlJZkhXWUYvV2xEMkRqdVBzaCtiL2w5OHh6VXNQWSt6RGt2bXp3YUdvNTFoL1FiSENVUT09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

36399503dcdbdb234112a7da5fd5e7c7505a0eac217836e01fa91224f77f1f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2066173
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=15KwQXwzUkdITERuemlxcFdMRURNanNpNU03aS95S0x5T2l3b3lUVkpQSDNxNnFQOUtZellvWU9DTG5rKytLbWR2RzdTRk82amEvaS9GemxPUGFaZm1SUjlSWTUwa0hsMXg3QnRoMitRNVk2Q1JLbVF1MUl1anNMbm4wVGtZTTkvVXhHaEhyMXRTMDFUdkV1N0hsemtJQlkwMzVDOGJUcnBBTzFtZGlJVEM2ZGc4QU5ZSjhHVVk4SFZaSW4xTzJhZ09UcklsOWhMeWE0NWJoejVmSGwxQmsyaXFtQ2FzNE5DOXNzWitSaHlJZkhXWUYvV2xEMkRqdVBzaCtiL2w5OHh6VXNQWSt6RGt2bXp3YUdvNTFoL1FiSENVUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 281308
content-length: 0
expires: 0

POST
H/1.1 204
No Content hb Show response
cpm.bidmyqps.xyz/ Frame 2D3F 0
259 B 42ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 22:38:33 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://pb.lihkg.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 2D3F 0
174 B 280ms
96ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&fp=0.03&eids=&pubcid=6b5def8a-fb83-44e7-9adf-fd3583358254&u=https%3A%2F%2Flihkg.com%2F&host=lihkg.com&ao=https%3A%2F%2Flihkg.com&w=336&h=280
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pb.lihkg.com
Date: Tue, 29 Aug 2023 22:38:33 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST

apnet
gocm.c.appier.net/ Frame 2D3F
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

0
0

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame 2D3F 0
324 B 29ms
29ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: b783bfa1-9892-f8d0-a192-12e5c7fac631

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame 2D3F 0
323 B 28ms
28ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 420d1567-3912-1e5b-d89e-003110701951

POST
H/1.1 204
No Content hb Show response
cpm.bidmyqps.xyz/ Frame DBCC 0
259 B 42ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 22:38:33 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://pb.lihkg.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame DBCC 0
324 B 28ms
28ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 476364b0-369d-f8cb-a1f7-527d6e826296

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame DBCC 0
325 B 29ms
29ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: b6e4bfc9-6696-0935-8437-d5501d990043

POST

apnet
gocm.c.appier.net/ Frame DBCC
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

0
0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame DBCC 0
174 B 291ms
99ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&fp=0.03&eids=&pubcid=6b5def8a-fb83-44e7-9adf-fd3583358254&u=https%3A%2F%2Flihkg.com%2F&host=lihkg.com&ao=https%3A%2F%2Flihkg.com&w=336&h=280
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pb.lihkg.com
Date: Tue, 29 Aug 2023 22:38:32 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame EBC7 0
174 B 287ms
103ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&fp=0.03&eids=&pubcid=6b5def8a-fb83-44e7-9adf-fd3583358254&u=https%3A%2F%2Flihkg.com%2F&host=lihkg.com&ao=https%3A%2F%2Flihkg.com&w=336&h=280
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pb.lihkg.com
Date: Tue, 29 Aug 2023 22:38:33 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame EBC7 0
324 B 28ms
28ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: e95d66f3-0085-ee2f-fe42-85b281ea59dd

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame EBC7 0
324 B 27ms
27ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 9c218fd8-db9a-d1d2-e576-c6f555018446

POST

apnet
gocm.c.appier.net/ Frame EBC7
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

0
0

POST
H/1.1 204
No Content hb Show response
cpm.bidmyqps.xyz/ Frame EBC7 0
259 B 44ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 22:38:33 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://pb.lihkg.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST

bid
ad2.apx.appier.net/v1/prebid/ Frame E52B
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=K6wExK0eDRGYtgyUanPuZA

0
0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame E52B 0
174 B 293ms
101ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&fp=0.03&eids=&pubcid=6b5def8a-fb83-44e7-9adf-fd3583358254&u=https%3A%2F%2Flihkg.com%2F&host=lihkg.com&ao=https%3A%2F%2Flihkg.com&w=336&h=280
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pb.lihkg.com
Date: Tue, 29 Aug 2023 22:38:33 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H/1.1 204
No Content hb Show response
cpm.bidmyqps.xyz/ Frame E52B 0
259 B 42ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 22:38:33 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://pb.lihkg.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame E52B 0
324 B 28ms
27ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 07419355-0c62-d189-8634-df2ac136a5b7

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame E52B 0
324 B 28ms
28ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 14363304-8a3f-401c-13d0-aff0669b1034

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 124ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lihkg.com&callback=_gfp_s_&client=ca-pub-1983042674979462

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=lihkg.com&bust=31077504

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8c80e2a3d4e5844fa8db23543a469b72dc3a0c279ffce2b7d2a762536793cd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H3

200

flurry Show response
pb.lihkg.com/ Frame 006C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=1298467582&pi=t.ma~as.9106605872%2F55213981_&w=32...
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

1 KB
793 B

198ms
197ms

Document
text/html

2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fb66cda8a7f6b544f761bba57abfdadd810eece869cc49f5c4fdb97eda7271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f49b7218d4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:33 GMT
expires: Tue, 29 Aug 2023 23:08:33 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:33 GMT
location: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 166ms
87ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

613d6d344a52373768d6919e8e0478c25d59d9b61075d005cc80c7cc41c6b455

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11730
x-xss-protection: 0

POST
H/1.1 204
No Content hb Show response
cpm.bidmyqps.xyz/ Frame 4A11 0
259 B 45ms
14ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 22:38:33 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://pb.lihkg.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

POST bid
ad2.apx.appier.net/v1/prebid/ Frame 4A11 0
0

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame 4A11 0
324 B 29ms
28ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: d4f6c6da-1733-7066-318c-07c1adef5782

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame 4A11 0
324 B 28ms
28ms XHR
text/plain 108.128.215.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 108.128.215.42 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-108-128-215-42.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: fed8d005-c074-61bd-163e-d66b3204437d

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame 4A11 0
174 B 291ms
98ms XHR
text/plain 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&fp=0.03&eids=&pubcid=6b5def8a-fb83-44e7-9adf-fd3583358254&u=https%3A%2F%2Flihkg.com%2F&host=lihkg.com&ao=https%3A%2F%2Flihkg.com&w=336&h=280
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://pb.lihkg.com
Date: Tue, 29 Aug 2023 22:38:33 GMT
Access-Control-Allow-Credentials: true
Connection: close

GET
H3

200

flurry Show response
pb.lihkg.com/ Frame F2C9
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=2648010310&pi=t.ma~as.9106605872%2F55213981_&w=32...
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

1 KB
796 B

34ms
34ms

Document
text/html

2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fb66cda8a7f6b544f761bba57abfdadd810eece869cc49f5c4fdb97eda7271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f6cde118d4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:34 GMT
expires: Tue, 29 Aug 2023 23:08:34 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:34 GMT
location: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

flurry Show response
pb.lihkg.com/ Frame EF42
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=906640938&pi=t.ma~as.9106605872%2F55213981_&w=320...
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

1 KB
796 B

28ms
27ms

Document
text/html

2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fb66cda8a7f6b544f761bba57abfdadd810eece869cc49f5c4fdb97eda7271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f6adc218d4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:34 GMT
expires: Tue, 29 Aug 2023 23:08:34 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:33 GMT
location: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CA29 430 B
427 B 119ms
119ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3240616428100660&output=html&h=250&slotname=9808563034&adk=532204820&adf=2944989679&pi=t.ma~as.9808563034&w=320&lmt=1693341513&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&region=16933487131451010&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348713213&bpp=1&bdt=1196&idt=394&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&correlator=6316771326656&frm=20&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348714&ga_hid=705413750&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=4690&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076839%2C31077323%2C44798934%2C31077504&oid=2&pvsid=4485397768541698&tmod=1179280563&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=6g9RXyJr3j&p=https%3A//lihkg.com&dtd=397

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c6d0dad8519f74a265dcc20c75b83a198bcf7cbdd383a12a7c935483a3d97983

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:33 GMT
expires: Tue, 29 Aug 2023 22:38:33 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A4EE 0
19 B 47ms
46ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&adk=1812271804&adf=3025194257&lmt=1693341513&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x945_r&format=0x0&url=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&ea=0&region=16933487131447980&pra=7&wgl=1&easpi=0&asro=0&asrtr=1&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348713229&bpp=3&bdt=1211&idt=392&shv=r20230828&mjsv=m202308280101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&nras=1&correlator=6316771326656&frm=20&pv=1&ga_vid=544351479.1693348713&ga_sid=1693348714&ga_hid=705413750&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31076839%2C31077323%2C44798934%2C31077504&oid=2&pvsid=4485397768541698&tmod=1179280563&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=7&uci=a!7&fsb=1&dtd=411

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:33 GMT
expires: Tue, 29 Aug 2023 22:38:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 166ms
70ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 22:38:33 GMT

GET
H3 200 lg.php
adv.lihkg.com/www/delivery/ 43 B
387 B 228ms
228ms Image
image/gif 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adv.lihkg.com/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=9&loc=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&cb=4c0063b901

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 7fe848f54c6018d4-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H3 200 flurry6.css
pb.lihkg.com/css/ Frame 006C 2 KB
949 B 35ms
35ms Stylesheet
text/css 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/css/flurry6.css?v=5

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8543eee7ce49564643fa813ae7f87accf93f9a845c8c14aa0eb75c93ec0174bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:33 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2564216
cf-polished: origSize=2441
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 10:34:44 GMT
server: cloudflare
etag: W/"989-18857a00520"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7fe848f5ed0e18d4-FRA
expires: Thu, 28 Sep 2023 22:38:33 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B0BD 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2988
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 21:48:45 GMT
expires: Wed, 28 Aug 2024 21:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame DDC1 829 B
1 KB 127ms
47ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

962fc717f6b467dd04e28f51faf37b6c927283f1d04c0a211230c42033adb714

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-A6n_3H-_rU0_3-ji_sjMRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-A6n_3H-_rU0_3-ji_sjMRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:34 GMT
expires: Tue, 29 Aug 2023 22:38:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 006C 80 KB
30 KB 80ms
22ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: EVVRPZXZTJ7CVQJK
age: 512
x-amz-server-side-encryption: AES256
x-amz-id-2: qY2eb3iLWU5OIIEo9dSr46QDDQL8vQFXZonSEjnpOCClPy0/Wshaecy6LNo8mFXW2nqIHb+Xq8x+2ALF9yjcY95YHyYe7h2c
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame B0BD 37 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:31:55 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DDC1 0
0 70ms
69ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=4485397768541698&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 flurry6.css
pb.lihkg.com/css/ Frame EF42 2 KB
949 B 38ms
37ms Stylesheet
text/css 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/css/flurry6.css?v=5

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8543eee7ce49564643fa813ae7f87accf93f9a845c8c14aa0eb75c93ec0174bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2564217
cf-polished: origSize=2441
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 10:34:44 GMT
server: cloudflare
etag: W/"989-18857a00520"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7fe848f6edfb18d4-FRA
expires: Thu, 28 Sep 2023 22:38:34 GMT

GET
H3 200 flurry6.css
pb.lihkg.com/css/ Frame F2C9 2 KB
949 B 34ms
33ms Stylesheet
text/css 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/css/flurry6.css?v=5

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8543eee7ce49564643fa813ae7f87accf93f9a845c8c14aa0eb75c93ec0174bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2564217
cf-polished: origSize=2441
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 10:34:44 GMT
server: cloudflare
etag: W/"989-18857a00520"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7fe848f72e3318d4-FRA
expires: Thu, 28 Sep 2023 22:38:34 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame EF42 80 KB
30 KB 23ms
22ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: EVVRPZXZTJ7CVQJK
age: 512
x-amz-server-side-encryption: AES256
x-amz-id-2: qY2eb3iLWU5OIIEo9dSr46QDDQL8vQFXZonSEjnpOCClPy0/Wshaecy6LNo8mFXW2nqIHb+Xq8x+2ALF9yjcY95YHyYe7h2c
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame F2C9 80 KB
30 KB 23ms
22ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: EVVRPZXZTJ7CVQJK
age: 512
x-amz-server-side-encryption: AES256
x-amz-id-2: qY2eb3iLWU5OIIEo9dSr46QDDQL8vQFXZonSEjnpOCClPy0/Wshaecy6LNo8mFXW2nqIHb+Xq8x+2ALF9yjcY95YHyYe7h2c
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 006C 239 B
568 B 180ms
48ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=af0df10b-65bf-42ae-9b7f-1a1dc9396bb1&apiKey=3HZV7WJSJ82YGVYV89M4&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fpb.lihkg.com%2Fflurry&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

3aaebb44fa7aff9f07c039c9678ca52b7a5277c15af947834950663fa31b5da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 29 Aug 2023 22:38:34 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 8
x-xss-protection: 1; mode=block
x-request-id: b0723014-309f-4189-b669-3d50d6d12f14

GET
H2 200 b
geo.yahoo.com/ Frame 006C 43 B
72 B 205ms
44ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:34 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 b
geo.yahoo.com/ Frame EF42 43 B
366 B 185ms
43ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:34 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame EF42 239 B
287 B 210ms
97ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

3aaebb44fa7aff9f07c039c9678ca52b7a5277c15af947834950663fa31b5da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 29 Aug 2023 22:38:34 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 8
x-xss-protection: 1; mode=block
x-request-id: 3f821368-20eb-4640-9d7a-dfbc98c740ee

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B0BD 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?m2Oh7g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 b
geo.yahoo.com/ Frame F2C9 43 B
72 B 175ms
44ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:34 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame F2C9 239 B
313 B 204ms
103ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

3aaebb44fa7aff9f07c039c9678ca52b7a5277c15af947834950663fa31b5da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 29 Aug 2023 22:38:34 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 13
x-xss-protection: 1; mode=block
x-request-id: 54686732-d726-4137-8b0d-e1f6994b1f56

GET
H3 200 smj Show response
pb.lihkg.com/ Frame D897 1022 B
659 B 29ms
29ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

846ab283855ddafc646f26a469d6c6c1b5a1f59f5d90ca195001e6a9ba943a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 937
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f8afca18d4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:34 GMT
expires: Tue, 29 Aug 2023 23:08:34 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 ysm_lihkg.js Show response
ad.sitemaji.com/ Frame D897 24 KB
8 KB 64ms
15ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_lihkg.js
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 585ea68c86cccd4420ed9f71aa876c153f4ef8cb8bd42dd9629b867ccc290695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 01:52:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 22 Aug 2023 03:05:41 GMT
server: nginx/1.12.1 (Ubuntu)
age: 74772
etag: W/"64e42605-615c"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
expires: Wed, 30 Aug 2023 01:52:22 GMT

GET
H3 200 smj Show response
pb.lihkg.com/ Frame 3686 1022 B
659 B 35ms
35ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

846ab283855ddafc646f26a469d6c6c1b5a1f59f5d90ca195001e6a9ba943a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 937
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f8e80818d4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:34 GMT
expires: Tue, 29 Aug 2023 23:08:34 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 smj Show response
pb.lihkg.com/ Frame BAAB 1022 B
659 B 34ms
33ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

846ab283855ddafc646f26a469d6c6c1b5a1f59f5d90ca195001e6a9ba943a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 937
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848f8f81218d4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:34 GMT
expires: Tue, 29 Aug 2023 23:08:34 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 ysm_lihkg.js Show response
ad.sitemaji.com/ Frame 3686 24 KB
8 KB 14ms
14ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_lihkg.js
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 585ea68c86cccd4420ed9f71aa876c153f4ef8cb8bd42dd9629b867ccc290695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 01:52:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 22 Aug 2023 03:05:41 GMT
server: nginx/1.12.1 (Ubuntu)
age: 74772
etag: W/"64e42605-615c"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
expires: Wed, 30 Aug 2023 01:52:22 GMT

GET
H2 200 ysm_lihkg.js Show response
ad.sitemaji.com/ Frame BAAB 24 KB
8 KB 18ms
17ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_lihkg.js
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 585ea68c86cccd4420ed9f71aa876c153f4ef8cb8bd42dd9629b867ccc290695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 01:52:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 22 Aug 2023 03:05:41 GMT
server: nginx/1.12.1 (Ubuntu)
age: 74772
etag: W/"64e42605-615c"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
expires: Wed, 30 Aug 2023 01:52:22 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame D897 80 KB
30 KB 23ms
23ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: EVVRPZXZTJ7CVQJK
age: 512
x-amz-server-side-encryption: AES256
x-amz-id-2: qY2eb3iLWU5OIIEo9dSr46QDDQL8vQFXZonSEjnpOCClPy0/Wshaecy6LNo8mFXW2nqIHb+Xq8x+2ALF9yjcY95YHyYe7h2c
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 3686 80 KB
30 KB 24ms
24ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: EVVRPZXZTJ7CVQJK
age: 512
x-amz-server-side-encryption: AES256
x-amz-id-2: qY2eb3iLWU5OIIEo9dSr46QDDQL8vQFXZonSEjnpOCClPy0/Wshaecy6LNo8mFXW2nqIHb+Xq8x+2ALF9yjcY95YHyYe7h2c
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame BAAB 80 KB
30 KB 30ms
30ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: EVVRPZXZTJ7CVQJK
age: 512
x-amz-server-side-encryption: AES256
x-amz-id-2: qY2eb3iLWU5OIIEo9dSr46QDDQL8vQFXZonSEjnpOCClPy0/Wshaecy6LNo8mFXW2nqIHb+Xq8x+2ALF9yjcY95YHyYe7h2c
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2D3F 145 KB
50 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb2305afd6b4ca92f8b8b65479237a388d5ae327a706f7dd749566cd19df7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50929
x-xss-protection: 0
server: cafe
etag: 14412571946718999888
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H2 200 b
geo.yahoo.com/ Frame D897 43 B
96 B 41ms
41ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:34 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame D897 298 B
362 B 54ms
54ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=22c87bdb-f382-4ab8-b1fd-a16065b11ad0&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

d531ee353b2e628d0735cacda425a3000ab2da5481ea441980a576896e6bd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 29 Aug 2023 22:38:34 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 16
x-xss-protection: 1; mode=block
x-request-id: 6505a76a-9ce0-4c2c-8135-85ce9bfa7797

GET
H2 200 b
geo.yahoo.com/ Frame 3686 43 B
72 B 41ms
41ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:34 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 3686 298 B
339 B 55ms
55ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=f27d7e47-185c-4971-bf95-a921d0a0975a&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

a2071a6dd4e4dc556c647ef2614dca9d7bb5c5aa37cf13e5c23bfb0dc468e849

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 29 Aug 2023 22:38:34 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 16
x-xss-protection: 1; mode=block
x-request-id: 0326dd3d-d18f-48d6-9040-e723ff298dc1

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DBCC 145 KB
50 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4919e111d5453492f753dbfc05ae3d54ac325eb91cb917b923ad475f781b276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50933
x-xss-protection: 0
server: cafe
etag: 18118883386056298573
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame EBC7 145 KB
50 KB 148ms
148ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

145f7a61eb0eac3f11c0923b932ad778e7fda85505d341bfb9140c080e791674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50930
x-xss-protection: 0
server: cafe
etag: 7371708339919915305
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame E52B 145 KB
50 KB 206ms
206ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bf34fcb41e470195d5c2f43fbe6f2ee5be108dc6cf3ceab9924b0fe6c6d3d475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50929
x-xss-protection: 0
server: cafe
etag: 15445131795209873449
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H2 200 b
geo.yahoo.com/ Frame BAAB 43 B
72 B 41ms
41ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:34 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame BAAB 298 B
362 B 57ms
56ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

d531ee353b2e628d0735cacda425a3000ab2da5481ea441980a576896e6bd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 29 Aug 2023 22:38:34 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 18
x-xss-protection: 1; mode=block
x-request-id: c52b526d-1440-4067-b9c7-a2b7a7bbee7c

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-lihkg/ Frame D897 257 KB
47 KB 39ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12d9750b602556f48a93c29b9426af52636fe30cada207db200ae52339ddfb28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: CJ4.yCbq6rNLuBRo_4r5tjhRq2dVc9oO
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:34 GMT
x-amz-request-id: G12NK0VG7EWM5Q09
age: 115
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 47725
x-amz-id-2: vLygkVchedGiU7FLPhPf2j26tLeOvQW/SwOy+PQMOUSxGgmK8IQsktZswiYwsJFFosiJxgUWfNQ=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 10:35:32 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348715.584621,VS0,VE1
etag: "bbe36a0b3b4b6f4b4499b05aa9e359c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 82
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-lihkg/ Frame 3686 257 KB
47 KB 37ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12d9750b602556f48a93c29b9426af52636fe30cada207db200ae52339ddfb28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: CJ4.yCbq6rNLuBRo_4r5tjhRq2dVc9oO
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:34 GMT
x-amz-request-id: G12NK0VG7EWM5Q09
age: 115
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 47725
x-amz-id-2: vLygkVchedGiU7FLPhPf2j26tLeOvQW/SwOy+PQMOUSxGgmK8IQsktZswiYwsJFFosiJxgUWfNQ=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 10:35:32 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348715.584621,VS0,VE1
etag: "bbe36a0b3b4b6f4b4499b05aa9e359c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 36
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 4A11 145 KB
50 KB 202ms
201ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=19

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

635925b575f30146336036d3916c2f6f099258d421963732a49e394184cf5381

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50928
x-xss-protection: 0
server: cafe
etag: 17657689211499108486
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H2 200 impl.20230829-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 3686 803 KB
166 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 49410c74fab6de2717d7f1318a0f1c6e388d528b08bbdfaaf30917b93e38e5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: ZGlhiiQqqqnagE6bshkNEUfpjhfaa1ba
content-encoding: br
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:34 GMT
x-amz-request-id: 9YG304DKSP74XNZ2
age: 17231
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169980
x-amz-id-2: AFw9rhrpPFfjIWlCsTpQYfQ4JmOOgfpX0PijO55PmxMX81A005BVF26wHFMT5OZngLMFT0Y/buo=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 09:51:12 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348715.619095,VS0,VE0
etag: "187ed73a057d935141b5b3438fd55c4f"
vary: Accept-Encoding
content-type: application/javascript
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 178054

GET
H2 200 impl.20230829-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame D897 803 KB
166 KB 8ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 49410c74fab6de2717d7f1318a0f1c6e388d528b08bbdfaaf30917b93e38e5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: ZGlhiiQqqqnagE6bshkNEUfpjhfaa1ba
content-encoding: br
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:34 GMT
x-amz-request-id: 9YG304DKSP74XNZ2
age: 17231
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169980
x-amz-id-2: AFw9rhrpPFfjIWlCsTpQYfQ4JmOOgfpX0PijO55PmxMX81A005BVF26wHFMT5OZngLMFT0Y/buo=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 09:51:12 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348715.629530,VS0,VE0
etag: "187ed73a057d935141b5b3438fd55c4f"
vary: Accept-Encoding
content-type: application/javascript
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 178055

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ Frame 2D3F 387 KB
131 KB 110ms
109ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6cfeb3b267b8d15890ad258fe4204e6c250d2469f55f1c98af30d52a5bb143b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134169
x-xss-protection: 0
server: cafe
etag: 10559637456737742564
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-lihkg/ Frame BAAB 257 KB
47 KB 8ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12d9750b602556f48a93c29b9426af52636fe30cada207db200ae52339ddfb28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: CJ4.yCbq6rNLuBRo_4r5tjhRq2dVc9oO
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:34 GMT
x-amz-request-id: G12NK0VG7EWM5Q09
age: 115
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 47725
x-amz-id-2: vLygkVchedGiU7FLPhPf2j26tLeOvQW/SwOy+PQMOUSxGgmK8IQsktZswiYwsJFFosiJxgUWfNQ=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 10:35:32 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348715.651192,VS0,VE0
etag: "bbe36a0b3b4b6f4b4499b05aa9e359c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 impl.20230829-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame BAAB 803 KB
166 KB 32ms
31ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 49410c74fab6de2717d7f1318a0f1c6e388d528b08bbdfaaf30917b93e38e5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: ZGlhiiQqqqnagE6bshkNEUfpjhfaa1ba
content-encoding: br
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:34 GMT
x-amz-request-id: 9YG304DKSP74XNZ2
age: 17231
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169980
x-amz-id-2: AFw9rhrpPFfjIWlCsTpQYfQ4JmOOgfpX0PijO55PmxMX81A005BVF26wHFMT5OZngLMFT0Y/buo=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 09:51:12 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348715.687975,VS0,VE0
etag: "187ed73a057d935141b5b3438fd55c4f"
vary: Accept-Encoding
content-type: application/javascript
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 178056

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ Frame DBCC 387 KB
131 KB 103ms
100ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com&bust=31077451

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ce9c23100cc0681764ebe98b2e39ca86dcf292de1d7615037d34ba84d0d270b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134171
x-xss-protection: 0
server: cafe
etag: 17833400168185653281
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ Frame EBC7 387 KB
131 KB 100ms
100ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61bc3a9b2e94aceaa784247231cf757d22fc27da6b413eb9f21f03311c4a7a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134169
x-xss-protection: 0
server: cafe
etag: 7281045486795232023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H3 200 smj Show response
pb.lihkg.com/ Frame 718F 1022 B
659 B 29ms
28ms Document
text/html 2606:4700::6811:d5c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/smj?theme=light&is_mobile=1

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d5c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

846ab283855ddafc646f26a469d6c6c1b5a1f59f5d90ca195001e6a9ba943a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 940
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7fe848fb8a4718d4-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:34 GMT
expires: Tue, 29 Aug 2023 23:08:34 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=4485397768541698&bg=!gIOlg8zNAAYkVgHwBFY7ADQBe5WfON5GG5kfyhlt2CSep86TzxURTSlFYpCGKXHXIubafvaGWuSrjs2DZ7kbqIfQV8shAgAAAIlSAAAACGgBBwoAQq_1pDIQEpn0Ot7w9vQix9QMzsNRzSRQ-0GkqTOUQSrNUAipwbHHQPfckyAUITnsrC_vjb-439LoCI0g6QsCMuub-JkCwNXvqxXdDi5Ephzub_3rEajjCv73cKBlQWC6lDcWgcSHJBWMPQCaZ5QFaMjrB94AOAj9Ey-pYQiCWg7jwyhPai2auTw3rP68mblDhKLZdTLUOPxRbAbZ3vS3tHAU3eH7LRu_52rsrDweTkv-5vgZJrCFmk83IEn-Le8D93uIBFpVS9Rqf2MlS_cQVS1Xh5aunMMOCJW5DVZ0TokWKvMTVV95nsNt1zQeIi_uVzXgFPTNE_Gp56NCwVmK_BrJpOw3CGr9GrzJEiYpb1C7W30elOAd46IfvgZME2vjGB2WWZ1f5g8-XxXiOujA29MFJ-UXF5q_mu0Y1H0ut1Xj6DRwoN3HDVC1ks5Z8ZY9rZzvP0BDN2_dmo5a-45b-WSN-AMPmE98BWlGmomVwEPfdWI22ialT0WqEB2t91OmZUBXhNE-LRHhWzZgDK2s5W8ZIHrlfwadiAo9WD-8K1b8YbbNMS_1lPOkUdGzjm7NDGaWspO8958HeE-g7aMTlcNMsHFp1oWFCmVspTtwSUOyzyydatmMb5ZI_-wf8G2sTA3sMWVIzpzi7CQzLZ4GfnmG67kOs2zyv3Ej8qJRw8YsSJKTFD8SKx6hRGHGJQ3aoUgiXLPZ0Sr3xZxlW08Gm3q_ki7XDDxJs4d7mRBbh47L1HRm9JDjRZTTpAFs3cn6hGxd7b5qGRRqXYDOETxhVhgM1LQ7Lr_voYSWX4FJrjM4086FSlKKDP1wXSB37TsZ_6D15R5ycbR6aYzdPaEQwQj0SpNifG0MFpTjZkkKDBse8vrz1xi-5UeNfabDZTwMLs5hUcXvoXyhKw1t6HSQcaW8zgbF2AgE0bEVv6xzLVmH-rTj5f2rYp6OjukP6F-fCsq-5oAHMelsw36YBJomVTG-NmIa8_0onZPjw9K7wZkoI5w8UOb5b7CmSYMwBwi_YaX4AOQt
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ Frame E52B 387 KB
131 KB 123ms
123ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99e35cbed2b286df1349bb0ffe71fa354c8a7a3c97f97f341ab4581a428c19bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134169
x-xss-protection: 0
server: cafe
etag: 13097178006129942298
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/ Frame 4A11 387 KB
131 KB 168ms
168ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61bc3a9b2e94aceaa784247231cf757d22fc27da6b413eb9f21f03311c4a7a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134169
x-xss-protection: 0
server: cafe
etag: 7281045486795232023
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H2 200 ysm_lihkg.js Show response
ad.sitemaji.com/ Frame 718F 24 KB
8 KB 15ms
14ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_lihkg.js
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&is_mobile=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 585ea68c86cccd4420ed9f71aa876c153f4ef8cb8bd42dd9629b867ccc290695

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 01:52:22 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 22 Aug 2023 03:05:41 GMT
server: nginx/1.12.1 (Ubuntu)
age: 74772
etag: W/"64e42605-615c"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7957
expires: Wed, 30 Aug 2023 01:52:22 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 2D3F 12 B
100 B 44ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pb.lihkg.com&callback=_gfp_s_&client=ca-pub-1983042674979462&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4A91 51 KB
17 KB 256ms
255ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755400&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714473&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714638&bpp=3&bdt=1271&idt=240&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7491394414690&rume=1&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1245674851&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077323%2C42531706%2C31076998%2C31061691%2C31061692&oid=2&pvsid=2345678649997198&tmod=867716125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kpazsdq18uxg&fsb=1&dtd=258

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf21e8408ed4dac6172cc3050b496ca227f133e7c75e38beccaafe52160bf224

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17889
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 2D3F 15 KB
12 KB 88ms
88ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7070cc69aecbe66c96c6c26692c7a952e77202f0e1016c04b8e7523fe01644f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11777
x-xss-protection: 0

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 718F 80 KB
30 KB 22ms
22ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: EVVRPZXZTJ7CVQJK
age: 512
x-amz-server-side-encryption: AES256
x-amz-id-2: qY2eb3iLWU5OIIEo9dSr46QDDQL8vQFXZonSEjnpOCClPy0/Wshaecy6LNo8mFXW2nqIHb+Xq8x+2ALF9yjcY95YHyYe7h2c
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame DBCC 12 B
53 B 44ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9918 45 KB
16 KB 215ms
214ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64d691fbc4a15bf9eee152d458c1d4b3be611a57727dfde3194fa5443cc5e2dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16697
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DBCC 15 KB
12 KB 100ms
99ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981088256f014e7875ee262982ad1eb7f0c802533d95c307a1b30008b60dc5d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11792
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D3F 17 KB
6 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 718F 298 B
339 B 53ms
53ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

d531ee353b2e628d0735cacda425a3000ab2da5481ea441980a576896e6bd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Tue, 29 Aug 2023 22:38:34 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 16
x-xss-protection: 1; mode=block
x-request-id: b246923e-2854-4c9f-b7c8-e263856a156f

GET
H2 200 b
geo.yahoo.com/ Frame 718F 43 B
95 B 42ms
41ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&is_mobile=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame E52B 12 B
53 B 45ms
44ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 59E4 45 KB
16 KB 280ms
279ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad5513f114fa6f9a574cc64554a2a333f22fdc2067ac18832361974809345b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16693
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E52B 15 KB
11 KB 88ms
88ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37300dadca033aeefdaf45704f904544037e79fb0ebe0d4e5b9fe02c16fae234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11734
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame EBC7 12 B
53 B 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4224 46 KB
16 KB 215ms
214ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4ab36501f4ae276141d10ba8b8b63c3f42f426f8ee3c9f3247ea4e3a2ac67d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16742
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EBC7 15 KB
11 KB 90ms
89ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e01af62b9dc3c41009730d55f56c30722924655dff7ff7b5d6704c62ec417dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11662
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED0D 13 KB
5 KB 41ms
40ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 21:48:45 GMT
expires: Wed, 28 Aug 2024 21:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 00AA 829 B
792 B 52ms
51ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

107500f3386888e9450215c938aeee00d53bc3296d79960cd11c963d9c536fbe

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZD85NyIvwpXGzHB8WQt2Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 539
content-security-policy: script-src 'report-sample' 'nonce-ZD85NyIvwpXGzHB8WQt2Kw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-lihkg/ Frame 718F 257 KB
47 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12d9750b602556f48a93c29b9426af52636fe30cada207db200ae52339ddfb28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: CJ4.yCbq6rNLuBRo_4r5tjhRq2dVc9oO
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:35 GMT
x-amz-request-id: G12NK0VG7EWM5Q09
age: 116
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 47725
x-amz-id-2: vLygkVchedGiU7FLPhPf2j26tLeOvQW/SwOy+PQMOUSxGgmK8IQsktZswiYwsJFFosiJxgUWfNQ=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 10:35:32 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348715.103240,VS0,VE0
etag: "bbe36a0b3b4b6f4b4499b05aa9e359c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 4

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DBCC 17 KB
6 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 4A11 12 B
53 B 45ms
45ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8F7B 46 KB
16 KB 415ms
414ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efba36f91a59dcc9918f2cf796410873bb4013b539b8b98e51210e621f2964c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 16718
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4A11 15 KB
12 KB 114ms
113ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230828&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb571b8f4828305b030d4da6f20f71a09e3654ef7e87179e2b5345a847f737a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11754
x-xss-protection: 0

GET
H2 200 impl.20230829-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 718F 803 KB
166 KB 9ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 49410c74fab6de2717d7f1318a0f1c6e388d528b08bbdfaaf30917b93e38e5b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: ZGlhiiQqqqnagE6bshkNEUfpjhfaa1ba
content-encoding: br
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:35 GMT
x-amz-request-id: 9YG304DKSP74XNZ2
age: 17231
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169980
x-amz-id-2: AFw9rhrpPFfjIWlCsTpQYfQ4JmOOgfpX0PijO55PmxMX81A005BVF26wHFMT5OZngLMFT0Y/buo=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 09:51:12 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348715.145604,VS0,VE0
etag: "187ed73a057d935141b5b3438fd55c4f"
vary: Accept-Encoding
content-type: application/javascript
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 178057

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 3673 2 KB
3 KB 65ms
27ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1h4x0j05v3njyh4nwt299afvbf2dfxrsfvwm7asttg8xrrnj8k9f8mtevta97nemnfy9n5tvzgpf6qx5defnxggype8jnc7wv25pps0779vrn8msa3zv6de010mw96sqcpj2mgk2fg848bfvfshp3zsc6bcgx13f9bxdj23n0mrf7tbgp7n7mjwd29zkshgwq8hzpdn63kq6c6e8s058gha70wk9tcw2mqnydex70b680zmhf7vf9j023ptqdmyrb70fb2gjgxjt1rxd2vvw7weksd3cjgessg9ds4qw5n5pr7pv5y6mtw5szej0d0rv7capeze8gff0r5bs15drzpmb4n9jehata24bmqjz674f4gv58qdyftsmys3ypfgnkevh12j94txcjbdeqfmz4nmwm613rjezkfztvdn8c1j3gvdkzxakp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%26client%3Dca-pub-1983042674979462%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755400&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714473&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714638&bpp=3&bdt=1271&idt=240&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7491394414690&rume=1&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1245674851&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077323%2C42531706%2C31076998%2C31061691%2C31061692&oid=2&pvsid=2345678649997198&tmod=867716125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kpazsdq18uxg&fsb=1&dtd=258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89dfeda2c2d29d75b9199adce9c0b1f960a0d0baefaf6b398363f56110d1e814

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe848fe3a7518c5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 99E1 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:46:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A541 1 KB
643 B 37ms
36ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 99E1 20 KB
8 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 99E1 0
0 49ms
48ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5pMaB9sdQWVh0zfd10IOwxESJIy7iwEEmigvvkTcUGEeaS-JdTNIZMkxtoauGCWLzSgSVfuItsyID9rNQbVWZ4ue1MA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755400&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714473&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714638&bpp=3&bdt=1271&idt=240&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7491394414690&rume=1&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1245674851&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077323%2C42531706%2C31076998%2C31061691%2C31061692&oid=2&pvsid=2345678649997198&tmod=867716125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kpazsdq18uxg&fsb=1&dtd=258
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 99E1 181 KB
57 KB 61ms
47ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E52B 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EBC7 17 KB
6 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 00AA 0
0 79ms
78ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=2345678649997198&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame ED0D 37 KB
14 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:31:55 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2F81 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 21:48:45 GMT
expires: Wed, 28 Aug 2024 21:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 41B3 829 B
559 B 52ms
51ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5ac6e96b3f3196fc83048e084cf465b4feaa72d55fd8d66df91abdce75a64105

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9GP_uaDYv6b3UMxin5tqDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-9GP_uaDYv6b3UMxin5tqDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame E830 2 KB
1 KB 34ms
31ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1ge89aka5b0k19xtwwr3t0rmctnq61f65geq2xpf29dn7310k06qdfey9z34abnhwfgd87pf2b68k5r9tym4gescnzazt12p13vvpvvbrqs5c28crd1nyj4wngc3efxrjrv4zmecmmqqftqw2765ha5gpwhrpwwzz22zfsxyn96s3m71jk19q31dvcqv0kzfq9rg93nne8xcb7692tqa93sghyre4q3gy9w3fdem1f4ewc4v5w6qasb94d5gxpf2k7wpwdxbdj7gecacb16ayxwgc3phqbaz8yseraeegh3d21k27eqsvdd3sxbtxhd98yxsvvg5qp6ws6w9xkpt2y4k55fdp91g7acxr3vtf3edgbmgpaw04cter94hvkp8yf1g2w4vhyt4hmya2n2wgnvpnymj32wrk2djmctgs6kr1x2p8wz1r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%26client%3Dca-pub-1983042674979462%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa73429ad9c13bcb586a8eeee0f5c74c47038842e110f9e956bd6dc330345712

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe848fe5a8f18c5-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame AEF6 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:46:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CE89 1 KB
643 B 37ms
35ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame AEF6 20 KB
8 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AEF6 0
0 49ms
46ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIr8WatiZIL5Sz7CZLab3M8B_QCXzcaEBuf0Yz0w89RZWzw7JO5ZKThqQVcd_XPO819JAkzSM5EZplBLAAn52eToKYag
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AEF6 181 KB
57 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A11 17 KB
6 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
DATA 200
OK truncated
/ Frame 99E1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ab05fd9f1991b8e36d079cb9cf92ee9bc1293ce4aca3c20b0da064bda729c19

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 3673 114 KB
14 KB 25ms
24ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4x0j05v3njyh4nwt299afvbf2dfxrsfvwm7asttg8xrrnj8k9f8mtevta97nemnfy9n5tvzgpf6qx5defnxggype8jnc7wv25pps0779vrn8msa3zv6de010mw96sqcpj2mgk2fg848bfvfshp3zsc6bcgx13f9bxdj23n0mrf7tbgp7n7mjwd29zkshgwq8hzpdn63kq6c6e8s058gha70wk9tcw2mqnydex70b680zmhf7vf9j023ptqdmyrb70fb2gjgxjt1rxd2vvw7weksd3cjgessg9ds4qw5n5pr7pv5y6mtw5szej0d0rv7capeze8gff0r5bs15drzpmb4n9jehata24bmqjz674f4gv58qdyftsmys3ypfgnkevh12j94txcjbdeqfmz4nmwm613rjezkfztvdn8c1j3gvdkzxakp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1h4x0j05v3njyh4nwt299afvbf2dfxrsfvwm7asttg8xrrnj8k9f8mtevta97nemnfy9n5tvzgpf6qx5defnxggype8jnc7wv25pps0779vrn8msa3zv6de010mw96sqcpj2mgk2fg848bfvfshp3zsc6bcgx13f9bxdj23n0mrf7tbgp7n7mjwd29zkshgwq8hzpdn63kq6c6e8s058gha70wk9tcw2mqnydex70b680zmhf7vf9j023ptqdmyrb70fb2gjgxjt1rxd2vvw7weksd3cjgessg9ds4qw5n5pr7pv5y6mtw5szej0d0rv7capeze8gff0r5bs15drzpmb4n9jehata24bmqjz674f4gv58qdyftsmys3ypfgnkevh12j94txcjbdeqfmz4nmwm613rjezkfztvdn8c1j3gvdkzxakp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%26client%3Dca-pub-1983042674979462%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559525
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fn9r7HGCJV80flhwMJkirZeMdwSTRwL8jaO59R5ARkVETKv6lQq3GMiw9h%2FuzLgErUkV%2BntXMw6d8PwPKy8WY%2B3UrsUrLvbsu15vGa7UxhBN4PzA9Qec67MFhPLZsOUV1CkVqkoFP%2BY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe848fe8ab718c5-FRA
expires: Tue, 29 Aug 2023 23:38:35 GMT

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 3673 25 KB
10 KB 41ms
23ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h4x0j05v3njyh4nwt299afvbf2dfxrsfvwm7asttg8xrrnj8k9f8mtevta97nemnfy9n5tvzgpf6qx5defnxggype8jnc7wv25pps0779vrn8msa3zv6de010mw96sqcpj2mgk2fg848bfvfshp3zsc6bcgx13f9bxdj23n0mrf7tbgp7n7mjwd29zkshgwq8hzpdn63kq6c6e8s058gha70wk9tcw2mqnydex70b680zmhf7vf9j023ptqdmyrb70fb2gjgxjt1rxd2vvw7weksd3cjgessg9ds4qw5n5pr7pv5y6mtw5szej0d0rv7capeze8gff0r5bs15drzpmb4n9jehata24bmqjz674f4gv58qdyftsmys3ypfgnkevh12j94txcjbdeqfmz4nmwm613rjezkfztvdn8c1j3gvdkzxakp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22086
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHFDnPKjQMm6zU5rsuGZwdutUmWAz8qh2XECEo3bLH40WTART%2F0gXiGmN9g%2FDFuP8SWzkXf9GOmHylqW9lXneguTz6vCmgoBfCoxmclesADtT780HHzJJWiMRUdgZo18JfVNl38%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7fe848fe9ad618c5-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 16:30:19 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A541
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESELBsTht4AKMC4EgjmTEFTGU&google_cver=1&google_push=AXcoOmSpVcsGmrkSKteLiN-2L26xWZfzJ49p2x3dWbRv66HSsaB3O7Gk6SbS0_tTFheMFUNmKknife1JDlG...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSpVcsGmrkSKteLiN-2L26xWZfzJ49p2x3dWbRv66HSsaB3O7Gk6SbS0_tTFheMFUNmKknife1JDlGzOnluKO8rxTqA1dh5&google_hm=t7s2po5uSxSAZje5MNjfUsE

170 B
329 B

51ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSpVcsGmrkSKteLiN-2L26xWZfzJ49p2x3dWbRv66HSsaB3O7Gk6SbS0_tTFheMFUNmKknife1JDlGzOnluKO8rxTqA1dh5&google_hm=t7s2po5uSxSAZje5MNjfUsE

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmSpVcsGmrkSKteLiN-2L26xWZfzJ49p2x3dWbRv66HSsaB3O7Gk6SbS0_tTFheMFUNmKknife1JDlGzOnluKO8rxTqA1dh5&google_hm=t7s2po5uSxSAZje5MNjfUsE
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A541
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRRKqTuQufAQ2D9HYjI6VI&google_cver=1&google_push=AXcoOmRyGvO_6sSPOPKJ6MXejeKkQ_E7MqNCV3wRbdppyExyO0rzWf2RdJY1i3A5qa3jAHs8jVaC9ySJ...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRRKqTuQufAQ2D9HYjI6VI&google_cver=1&google_push=AXcoOmRyGvO_6sSPOPKJ6MXejeKkQ_E7MqNCV3wRbdppyExyO0rzWf2RdJY1i3A5qa3jAHs8jVa...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzY5NTMwNzY4MDA1ODQ5MTE5&google_push=AXcoOmRyGvO_6sSPOPKJ6MXejeKkQ_E7MqNCV3wRbdppyExyO0rzWf2RdJY1i3A5qa3jAHs8jVaC9ySJ...

170 B
232 B

48ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzY5NTMwNzY4MDA1ODQ5MTE5&google_push=AXcoOmRyGvO_6sSPOPKJ6MXejeKkQ_E7MqNCV3wRbdppyExyO0rzWf2RdJY1i3A5qa3jAHs8jVaC9ySJBAT9ywvr1-cdl8OHZ6_R

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzY5NTMwNzY4MDA1ODQ5MTE5&google_push=AXcoOmRyGvO_6sSPOPKJ6MXejeKkQ_E7MqNCV3wRbdppyExyO0rzWf2RdJY1i3A5qa3jAHs8jVaC9ySJBAT9ywvr1-cdl8OHZ6_R
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A541
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEGRRKqTuQufAQ2D9HYjI6VI&google_cver=1&google_push=AXcoOmR6Y6nZjxJvBbtz9OCjbkgg9kKzu0QoaG4_k4YJk1D2ytQ7MIY5UozaRaqBffzAEUSWGm_qz2EF...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEGRRKqTuQufAQ2D9HYjI6VI&google_cver=1&google_push=AXcoOmR6Y6nZjxJvBbtz9OCjbkgg9kKzu0QoaG4_k4YJk1D2ytQ7MIY5UozaRaqBffzAEUSWGm_...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY5MTU0NzMxNzMyMTA3MTAzNw&google_push=AXcoOmR6Y6nZjxJvBbtz9OCjbkgg9kKzu0QoaG4_k4YJk1D2ytQ7MIY5UozaRaqBffzAEUSWGm_qz2...

170 B
232 B

49ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY5MTU0NzMxNzMyMTA3MTAzNw&google_push=AXcoOmR6Y6nZjxJvBbtz9OCjbkgg9kKzu0QoaG4_k4YJk1D2ytQ7MIY5UozaRaqBffzAEUSWGm_qz2EFKUnO8Tr0ECo1NOlMmY8B

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODY5MTU0NzMxNzMyMTA3MTAzNw&google_push=AXcoOmR6Y6nZjxJvBbtz9OCjbkgg9kKzu0QoaG4_k4YJk1D2ytQ7MIY5UozaRaqBffzAEUSWGm_qz2EFKUnO8Tr0ECo1NOlMmY8B
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A541
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELGdTBOhHrKu9jF-QqRwjD8&google_cver=1&google_push=AXcoOmQEXXK0VQbt4DlS4aMVZ1GxO2PhWUbLUzXTWoP8a2XhwDQ_dc0e2VyLhF9fINmO8z4Hp3FH7ucqnJJlbDCBw...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESELGdTBOhHrKu9jF-QqRwjD8&google_cver=1&google_push=AXcoOmQEXXK0VQbt4DlS4aMVZ1GxO2PhWUbLUzXTWoP8a2XhwDQ_dc0e2VyLhF9fINmO8z4Hp3FH7ucqnJJlbDCBw...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQEXXK0VQbt4DlS4aMVZ1GxO2PhWUbLUzXTWoP8a2XhwDQ_dc0e2VyLhF9fINmO8z4Hp3FH7ucqnJJlbDCBwgJV0J0L2cY8&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj

170 B
232 B

47ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQEXXK0VQbt4DlS4aMVZ1GxO2PhWUbLUzXTWoP8a2XhwDQ_dc0e2VyLhF9fINmO8z4Hp3FH7ucqnJJlbDCBwgJV0J0L2cY8&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 29 Aug 2023 22:38:35 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmQEXXK0VQbt4DlS4aMVZ1GxO2PhWUbLUzXTWoP8a2XhwDQ_dc0e2VyLhF9fINmO8z4Hp3FH7ucqnJJlbDCBwgJV0J0L2cY8&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A541
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEP...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmShxO5i2SEh_UKudYa31TP13Af6UwEiqJBMPWFdP_rZlKwxGQMfXrkNHkCqTMk8AkW9uPC7srmQpomWTvVy3VjWAcQ0Ddk&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-294a25be-2f74-4765-893e-27e2436947c7-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmShxO5i2SEh_UKudYa31...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmShxO5i2SEh_UKudYa31TP13Af6UwEiqJBMPWFdP_rZlKwxGQMfXrkNHkCqTMk8AkW9uPC7srmQpomWTvVy3VjWAcQ0Ddk&google_hm=AylKJb4vdEdliT4n4kNpR8c

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmShxO5i2SEh_UKudYa31TP13Af6UwEiqJBMPWFdP_rZlKwxGQMfXrkNHkCqTMk8AkW9uPC7srmQpomWTvVy3VjWAcQ0Ddk&google_hm=AylKJb4vdEdliT4n4kNpR8c

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmShxO5i2SEh_UKudYa31TP13Af6UwEiqJBMPWFdP_rZlKwxGQMfXrkNHkCqTMk8AkW9uPC7srmQpomWTvVy3VjWAcQ0Ddk&google_hm=AylKJb4vdEdliT4n4kNpR8c
date: Tue, 29 Aug 2023 22:38:35 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX294a25be2f744765893e27e2436947c7003
content-type: text/html

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A541
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEE0hiwY0KTwh-stLpSXDr3o&google_cver=1&google_push=AXcoOmQCvSj3RFnlyYutDXuZPz9FgAbfItBpFfzONJy3qU51oHwYLS4OReKdpu6cR1S8SOGL8rSaVLzIQ1IY5uq31Qm9kqK8d_l-
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmQCvSj3RFnlyYutDXuZPz9FgAbfItBpFfzONJy3qU51oHwYLS4OReKdpu6cR1S8SOGL8rSaVLzIQ1IY5uq31Qm9kqK8d_l...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ2MzM2Mjk0NjYwODA4OTY0NTc2NQ%3D%3D&google_push=AXcoOmQCvSj3RFnlyYutDXuZPz9FgAbfItBpFfzONJy3qU51oHwYLS4O...

170 B
232 B

47ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ2MzM2Mjk0NjYwODA4OTY0NTc2NQ%3D%3D&google_push=AXcoOmQCvSj3RFnlyYutDXuZPz9FgAbfItBpFfzONJy3qU51oHwYLS4OReKdpu6cR1S8SOGL8rSaVLzIQ1IY5uq31Qm9kqK8d_l-

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ2MzM2Mjk0NjYwODA4OTY0NTc2NQ%3D%3D&google_push=AXcoOmQCvSj3RFnlyYutDXuZPz9FgAbfItBpFfzONJy3qU51oHwYLS4OReKdpu6cR1S8SOGL8rSaVLzIQ1IY5uq31Qm9kqK8d_l-
date: Tue, 29 Aug 2023 22:38:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame A541 0
125 B 71ms
20ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEG7BhsrUTfG2idN4K9hifUI&google_cver=1&google_push=AXcoOmRv9o2cGuB2JQ7TPw2jPQonXRj4ECu68RnQlBYUyydbuwbYel97lpyJuw7agwr75ZVElsQwWdcLMRwrs0Qgiju9J7iFI6_wKA

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A541 0
139 B 163ms
45ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQd4QUAHvasb5z9BdIR4C3o3pKlxA-1bibOGjgziNrtUrELvUh756d8WDUcFGxbNyML2WIew

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame E830 114 KB
14 KB 26ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ge89aka5b0k19xtwwr3t0rmctnq61f65geq2xpf29dn7310k06qdfey9z34abnhwfgd87pf2b68k5r9tym4gescnzazt12p13vvpvvbrqs5c28crd1nyj4wngc3efxrjrv4zmecmmqqftqw2765ha5gpwhrpwwzz22zfsxyn96s3m71jk19q31dvcqv0kzfq9rg93nne8xcb7692tqa93sghyre4q3gy9w3fdem1f4ewc4v5w6qasb94d5gxpf2k7wpwdxbdj7gecacb16ayxwgc3phqbaz8yseraeegh3d21k27eqsvdd3sxbtxhd98yxsvvg5qp6ws6w9xkpt2y4k55fdp91g7acxr3vtf3edgbmgpaw04cter94hvkp8yf1g2w4vhyt4hmya2n2wgnvpnymj32wrk2djmctgs6kr1x2p8wz1r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1ge89aka5b0k19xtwwr3t0rmctnq61f65geq2xpf29dn7310k06qdfey9z34abnhwfgd87pf2b68k5r9tym4gescnzazt12p13vvpvvbrqs5c28crd1nyj4wngc3efxrjrv4zmecmmqqftqw2765ha5gpwhrpwwzz22zfsxyn96s3m71jk19q31dvcqv0kzfq9rg93nne8xcb7692tqa93sghyre4q3gy9w3fdem1f4ewc4v5w6qasb94d5gxpf2k7wpwdxbdj7gecacb16ayxwgc3phqbaz8yseraeegh3d21k27eqsvdd3sxbtxhd98yxsvvg5qp6ws6w9xkpt2y4k55fdp91g7acxr3vtf3edgbmgpaw04cter94hvkp8yf1g2w4vhyt4hmya2n2wgnvpnymj32wrk2djmctgs6kr1x2p8wz1r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%26client%3Dca-pub-1983042674979462%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559525
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iq5%2FNG0j908ogddAMGskrbuaaTJfiV5sCb4XPZ3vJEc7A40Y5bGfY4rQvGE9H%2B8UyKf54FPdXfbpbcT2hdS6cv8OwBk%2B3ky93v93hgTYIF%2Fi%2BvJMkzQeNf6I5IqftJsMsdY%2Bertwc5Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe848fefaf8914c-FRA
expires: Tue, 29 Aug 2023 23:38:35 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame E830 25 KB
10 KB 33ms
28ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1ge89aka5b0k19xtwwr3t0rmctnq61f65geq2xpf29dn7310k06qdfey9z34abnhwfgd87pf2b68k5r9tym4gescnzazt12p13vvpvvbrqs5c28crd1nyj4wngc3efxrjrv4zmecmmqqftqw2765ha5gpwhrpwwzz22zfsxyn96s3m71jk19q31dvcqv0kzfq9rg93nne8xcb7692tqa93sghyre4q3gy9w3fdem1f4ewc4v5w6qasb94d5gxpf2k7wpwdxbdj7gecacb16ayxwgc3phqbaz8yseraeegh3d21k27eqsvdd3sxbtxhd98yxsvvg5qp6ws6w9xkpt2y4k55fdp91g7acxr3vtf3edgbmgpaw04cter94hvkp8yf1g2w4vhyt4hmya2n2wgnvpnymj32wrk2djmctgs6kr1x2p8wz1r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22086
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzsmnHKnr07NazKOrbd7FOy6rUyFiN%2FSZiRziKbqAqasgvO2pxLwoqE0%2FyNqVo4bL9%2Fm9weWBhQHEtCxEmMjGrQGg%2BfsPoUvlEPIK%2FPMQHGKITB6qB6P3Cn2O1NhwuD%2FJ6nkonI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7fe848fefaf9914c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 16:30:19 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C6FE 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 21:48:45 GMT
expires: Wed, 28 Aug 2024 21:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EF57 829 B
559 B 51ms
51ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f0c9d7ae47a3839ab6438558fed00c5cd5911eecbde1816bffce20151a045673

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zVwtVTLSUdV_khiSu1g9YA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-zVwtVTLSUdV_khiSu1g9YA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame AEF6 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ba3ad2978cfbe37713407a5ec2670fe381f17106a313cbb1d00b9632f9db59e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 033D 2 KB
2 KB 35ms
34ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hvhjq58hxyrh0arb5atbtja2d4pf1wmvbgczzwcbsnkw7n52s0jezcjz0ez10kfhnvyakyyn888vmg6e2f3zn9hdmwn2cagvmc2hk2xmcz7vdx7v6ergbye12p5vpg0bfc0ynsbv4ahjxe197d5r600fy7cf4575r5wkbr7rnxfc6yjnb89rnwjefnfyqgz4jenamn4pc1b4m835n7b28qj3n31ygt59na5xyjwetqks1h1jgdcy5618n29bs34z12a5vrb63ry0ffw4ted0g6q3hztrq894kyzmmdz2dvwwkd1cz9exvx1t414mh8n3ebz5s4hdzv139xpze6f618jx1ge6y25c40f5g2dzmtv3jk6pwjmaxw5jv38fr8v6a0fc69zxd75na8mhzxvck787kb5n5v56zmaj3s3cndzc34eb4rb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%26client%3Dca-pub-1983042674979462%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9365df793afdf41433275bf106dc6ff8b656cf507455fc2d3b8428c83f6fa8e

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe848ffbb9a914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame D60F 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:46:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BCF2 1 KB
643 B 39ms
35ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame D60F 20 KB
8 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D60F 181 KB
56 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 19E8 13 KB
5 KB 40ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 21:48:45 GMT
expires: Wed, 28 Aug 2024 21:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6EDF 829 B
559 B 57ms
53ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

abbebeb42b4b1bf0628e815118ea3a73c6d538c4ec781b98dffc75665489b488

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-0voTqrENNRnV1xsELpykQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-0voTqrENNRnV1xsELpykQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame CE89 0
104 B 98ms
27ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEBnbrv5qjYfse60LH29-d7E&google_cver=1&google_push=AXcoOmQKLjWb0PCHio-6gBK0of4qp6KQgmZda14jLefKy_suxiyOQjVZj63h0UUWSb6-YGn7iOX_e9oDrkx3tVG6nfrdXdRshes
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE89
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMwcWcw75zeLYj2cKJTPtlE&google_cver=1&google_push=AXcoOmSrI3VoU3kX0aJ7JmRLB54bSBQJKbOAWssZBZEYAKZSRKH01ba2OaiDh_6kZ5_M8mcAN81ntrBBhihaRKeu4dWpU9o...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSrI3VoU3kX0aJ7JmRLB54bSBQJKbOAWssZBZEYAKZSRKH01ba2OaiDh_6kZ5_M8mcAN81ntrBBhihaRKeu4dWpU9ojL9k&google_hm=eS1UQVN0T0E5RTJwR0tabjF...

170 B
188 B

52ms
51ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSrI3VoU3kX0aJ7JmRLB54bSBQJKbOAWssZBZEYAKZSRKH01ba2OaiDh_6kZ5_M8mcAN81ntrBBhihaRKeu4dWpU9ojL9k&google_hm=eS1UQVN0T0E5RTJwR0tabjFvOWExR3pLWFBIV3VZMzRobn5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Aug 2023 22:38:35 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSrI3VoU3kX0aJ7JmRLB54bSBQJKbOAWssZBZEYAKZSRKH01ba2OaiDh_6kZ5_M8mcAN81ntrBBhihaRKeu4dWpU9ojL9k&google_hm=eS1UQVN0T0E5RTJwR0tabjFvOWExR3pLWFBIV3VZMzRobn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE89
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmSyel...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BXzLcbdue1IAJ-BQeLe6ATQonyU7Q6QyJRF-8g&google_push=AXcoOmSyelqP7qxCTw1Rk2kx52mfqYb5MjumKeLmy_vkEqTCYxi0HadJYhRjp3_XVHR_VcfRoTM2TYMR0t2T...

170 B
188 B

46ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BXzLcbdue1IAJ-BQeLe6ATQonyU7Q6QyJRF-8g&google_push=AXcoOmSyelqP7qxCTw1Rk2kx52mfqYb5MjumKeLmy_vkEqTCYxi0HadJYhRjp3_XVHR_VcfRoTM2TYMR0t2TxpyqaKQxboc1V9E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-BXzLcbdue1IAJ-BQeLe6ATQonyU7Q6QyJRF-8g&google_push=AXcoOmSyelqP7qxCTw1Rk2kx52mfqYb5MjumKeLmy_vkEqTCYxi0HadJYhRjp3_XVHR_VcfRoTM2TYMR0t2TxpyqaKQxboc1V9E
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 799239
content-length: 0
expires: Tue, 29 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE89
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJnTpPN66HzEJKPgt-DcVh8&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJnTpPN66HzEJKPgt-DcVh8&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJnTpPN66HzEJKPgt-DcVh8&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmQ8IBvck2ZWB0qQNPoxc59hN0uZ9nLgY...

170 B
188 B

54ms
54ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJnTpPN66HzEJKPgt-DcVh8&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmQ8IBvck2ZWB0qQNPoxc59hN0uZ9nLgYW-hHDdc-Zlkrz0hezpE8oAAfO0fsddGy1ntoVcx48qhAjj99DfNsVRNa65QHSM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EJRAc52WJR3LKEdkw0c8Igo5lR9GZcdgGp%2B%2BCUpAYfR3EsyAipRmQs6XRBTbuapMxgBqYlLSRURACz5pHndL0XBfmuee89%2BhNZYl5MlvAhrFhVuP6kSFomabJFJjH6WwMbFPkqmzNqnJw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJnTpPN66HzEJKPgt-DcVh8&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmQ8IBvck2ZWB0qQNPoxc59hN0uZ9nLgYW-hHDdc-Zlkrz0hezpE8oAAfO0fsddGy1ntoVcx48qhAjj99DfNsVRNa65QHSM
cache-control: no-cache
cf-ray: 7fe84900bf8a91de-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE89
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEFYQistJDS9mJTLFD82lEPo&google_cver=1&google_push=AXcoOmTZMQWpfWG-NFlLBwrpsLhoQvOfYytcW9g3DpH-_ixFdfNCptUE8HMGm9n293RupCC_IkFqO4CJvlJS5Y3K...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmTZMQWpfWG-NFlLBwrpsLhoQvOfYytcW9g3DpH-_ixFdfNCptUE8HMGm9n293RupCC_IkFqO4CJvlJS5Y3K8YUv4zl2pSM

170 B
188 B

49ms
49ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmTZMQWpfWG-NFlLBwrpsLhoQvOfYytcW9g3DpH-_ixFdfNCptUE8HMGm9n293RupCC_IkFqO4CJvlJS5Y3K8YUv4zl2pSM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Aug 2023 22:38:35 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmTZMQWpfWG-NFlLBwrpsLhoQvOfYytcW9g3DpH-_ixFdfNCptUE8HMGm9n293RupCC_IkFqO4CJvlJS5Y3K8YUv4zl2pSM
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: VlrtXgRqqwpDZ7TRoilwOQtzOzTj-S3S5nifSDDALtRan3hnGR1Vzw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CE89
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKKB_FCJWsqnCpCnC58_QzA&google_cver=1&google_push=AXcoOmT80nHw3LU8VsQTEJgbOqMpt5-7lnXmv2PNBam2cLf-xPkYtPL3PCo0Skg6Abr0Z46pczUJY1-i_GYp...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT80nHw3LU8VsQTEJgbOqMpt5-7lnXmv2PNBam2cLf-xPkYtPL3PCo0Skg6Abr0Z46pczUJY1-i_GYpBKiH0vcKic-2

170 B
188 B

51ms
50ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT80nHw3LU8VsQTEJgbOqMpt5-7lnXmv2PNBam2cLf-xPkYtPL3PCo0Skg6Abr0Z46pczUJY1-i_GYpBKiH0vcKic-2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT80nHw3LU8VsQTEJgbOqMpt5-7lnXmv2PNBam2cLf-xPkYtPL3PCo0Skg6Abr0Z46pczUJY1-i_GYpBKiH0vcKic-2
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

report
sync.teads.tv/um/ Frame CE89
Redirect Chain

https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEGiX-4Bo1WKb...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AXcoOmSueA5Eb_2KycWBmqZvUrHeMNrG8XAIk062W_CN1EhkLouABOyZtzTg_3SgGxT7TADak9Oka6E4BJo74vIHCvEvHGSYNL31
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
163 B

32ms
32ms

Image
image/gif

2.16.97.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237
Protocol: H2
Server: 2.16.97.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-97-41.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

expires: Tue, 29 Aug 2023 22:38:35 GMT
pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame CE89 0
49 B 47ms
45ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LM2b5ENYhQ7YpxNz9DDJ3WM99bJaLMkmL9km24TNvQX6lyV4IWVBe9xK-sR3bXlVNO405Igw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 033D 114 KB
14 KB 20ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hvhjq58hxyrh0arb5atbtja2d4pf1wmvbgczzwcbsnkw7n52s0jezcjz0ez10kfhnvyakyyn888vmg6e2f3zn9hdmwn2cagvmc2hk2xmcz7vdx7v6ergbye12p5vpg0bfc0ynsbv4ahjxe197d5r600fy7cf4575r5wkbr7rnxfc6yjnb89rnwjefnfyqgz4jenamn4pc1b4m835n7b28qj3n31ygt59na5xyjwetqks1h1jgdcy5618n29bs34z12a5vrb63ry0ffw4ted0g6q3hztrq894kyzmmdz2dvwwkd1cz9exvx1t414mh8n3ebz5s4hdzv139xpze6f618jx1ge6y25c40f5g2dzmtv3jk6pwjmaxw5jv38fr8v6a0fc69zxd75na8mhzxvck787kb5n5v56zmaj3s3cndzc34eb4rb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hvhjq58hxyrh0arb5atbtja2d4pf1wmvbgczzwcbsnkw7n52s0jezcjz0ez10kfhnvyakyyn888vmg6e2f3zn9hdmwn2cagvmc2hk2xmcz7vdx7v6ergbye12p5vpg0bfc0ynsbv4ahjxe197d5r600fy7cf4575r5wkbr7rnxfc6yjnb89rnwjefnfyqgz4jenamn4pc1b4m835n7b28qj3n31ygt59na5xyjwetqks1h1jgdcy5618n29bs34z12a5vrb63ry0ffw4ted0g6q3hztrq894kyzmmdz2dvwwkd1cz9exvx1t414mh8n3ebz5s4hdzv139xpze6f618jx1ge6y25c40f5g2dzmtv3jk6pwjmaxw5jv38fr8v6a0fc69zxd75na8mhzxvck787kb5n5v56zmaj3s3cndzc34eb4rb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%26client%3Dca-pub-1983042674979462%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559525
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Ca3tpvt45QQZhtpl76uVGrEzdBmRSug7ze5bRBxfdBsO1PGyg5nJ1wxuctxLw1Yg0fZb9EdBaljypBZ4ylYHiQyjwlo8yL6mZY05msn9EBkRxggoD1qx0U18lTJp2dbp1USWdhWqMk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe849003c1a914c-FRA
expires: Tue, 29 Aug 2023 23:38:35 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 033D 25 KB
10 KB 18ms
18ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hvhjq58hxyrh0arb5atbtja2d4pf1wmvbgczzwcbsnkw7n52s0jezcjz0ez10kfhnvyakyyn888vmg6e2f3zn9hdmwn2cagvmc2hk2xmcz7vdx7v6ergbye12p5vpg0bfc0ynsbv4ahjxe197d5r600fy7cf4575r5wkbr7rnxfc6yjnb89rnwjefnfyqgz4jenamn4pc1b4m835n7b28qj3n31ygt59na5xyjwetqks1h1jgdcy5618n29bs34z12a5vrb63ry0ffw4ted0g6q3hztrq894kyzmmdz2dvwwkd1cz9exvx1t414mh8n3ebz5s4hdzv139xpze6f618jx1ge6y25c40f5g2dzmtv3jk6pwjmaxw5jv38fr8v6a0fc69zxd75na8mhzxvck787kb5n5v56zmaj3s3cndzc34eb4rb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22086
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lH4O6XtZZUqMNW9SjRn0%2F%2FXng%2FrMGQRNhEEYHCZX1On%2FfBtsehnF77lQTED9j5RyZOKnSYEFiwIyFdVYF6jUxj5FnBw5UJ1EVktuY8YM2Qf%2BJALrt4jq0DJVxsXcE7YXCCfzM0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7fe849003c1c914c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 16:30:19 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 41B3 0
0 70ms
70ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=3972637629488550&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6DCA 13 KB
5 KB 41ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 21:48:45 GMT
expires: Wed, 28 Aug 2024 21:48:45 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CE1E 829 B
560 B 51ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bdbe17f58d2111986091a711b33375f9b92b8ca1411a56d9a81617da4f74c764

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FWRPKml1ThMok7LdIMAvZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-FWRPKml1ThMok7LdIMAvZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Tue, 29 Aug 2023 22:38:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 6322 2 KB
2 KB 40ms
37ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1j4rmgzn4wmb869fz3cz6he081fhztatzqws4m6t53x3qp9gd4px31bcywfhzzay5s1690acftmgwvrhn79495jtwhtka7v2xcb8f6pzwhq1yhmm7medcsxnncscyp0ktnfv6awkcswcz31qy3w307sw6td57z4c88gh136f76vwwnbc46f1c6mfjam2ch20gdqwt5d13y0p5tfpf3zbacbnngcqg41rn4h8snhm0nh6nxft3erfz35p97kzg7ncev7804k02pdax1pz9e1afnq748v9a6d72tw5bjak44qsb001502jvkes4zzbejj6wxq199h8ec9dj06wph5z5ampkw4pvg3w4k446cb2wb6mebbtacbrk5nt6ekdvmgspz8hzfhj6vnjrvwqjttrd1t8qfa6dh4kq7khydj0epq3ms89b1q3m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%26client%3Dca-pub-1983042674979462%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b452aa9b2bd42bbf203cb979b7bee28d229bade135412663f01c1b673b9c6d1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe849007c3f914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 040E 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:46:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 346C 1 KB
643 B 36ms
35ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame 040E 20 KB
8 KB 41ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 040E 0
0 49ms
48ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbIr6z96-FnLT5tl3-_MXaAP9xz0oLVtkNbqf6yfABOnCy0CqGZz-ZIn7nHaTK7eJTRzFHyStYntQtnwxXw4QyrB8IFQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 040E 181 KB
56 KB 58ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F81 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:31:55 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 3673 3 KB
3 KB 75ms
28ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OdXQMVH8S7Kw6Vwt6TvCGA7HgV%2BpvgucmgGIM1vgWZyu2CoCqblrC3s5d%2FptMs2rM7Clr9TALYZbOBG8UN%2Br8c7yGbaXSHNcqchf6XSfLE%2F2dsBxGbKAvMR9sDSyNGyG6x71HyJYCUx4zjgMoVACSKc"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7fe84900cc019064-FRA
expires: Tue, 29 Aug 2023 23:26:34 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame E830 3 KB
4 KB 40ms
27ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7HKzlEQhiz6NQhZTpWvyTad5RaCpUe%2FZeLnqKVorGSHT1nigpJwnXexnm%2BPt5UPszeesR5whjbMB3F%2Fb3359sMjeyiyZmbktm9du64omy2z6Xc%2FH9XdS2upNGIfA%2BSy3GTVJ0uTDp4YsmOwQ8vEuLXNP"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7fe84900cc029064-FRA
expires: Tue, 29 Aug 2023 23:26:34 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 3827 2 KB
1 KB 16ms
16ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 646361
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7fe84900cc89914c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJ7YSQirG9gjpE46wi2yaa%2F91U6REMqXz7ny5Edbx82E%2BN73JxlBziTf8xwhz%2BeQ94hfpCBmfxxBvjaf8%2FP6rydycBPL%2BLgXNcE5jHteTBbSX%2BFcTYdVFq7EHHQoh1SrPmcY4Z4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 dr Show response
as.ad4m.at/ad/ Frame 5616 2 KB
2 KB 30ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1gavbacjakkvr7pafnbr78zwpjeda4b1x0hgbscc87rfkctvmp95t0m1467vjh12xdx4xnz00ftbrxf143mxfa6tq51kfzt8pp4nt7hevmbs62t51mh271mdd4abd7f2d7jdwemb51jsjk64q5m2qfp7r1437scatnwyh4y2vx2vg0kas0kcxt2wfcjr1z2p9n57v8c0myt0b6nfyhdfhyr228f88mhxb49ba3q0rzbyszz8h0xjz397y8nb6d1x72b5s0bxe5h2yh0q41t1jtz5mvc3zcgjfkp5prcpdrd46b2rxyamk7qdb8jxmta76thww7xw0akdzc4zjqw4d2b7mrakxcbz3t9vct8t59zbryfwz91x5m31cgnpmncjq6vjd1dtxp8wd9xrxmt8qwwmk6pbc8z7qrzc3gs796dndcnvwg9ce&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%26client%3Dca-pub-1983042674979462%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af31ee98d04f1808aa03e29c89b1b9e12c99a2f1860c58d1b55e27206047c3f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe84900eca8914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame A5D8 3 KB
1 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:46:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3151
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 21:46:04 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 85F9 1 KB
643 B 41ms
40ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 41076
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 11:13:59 GMT
etag: 48472445140208031
expires: Wed, 30 Aug 2023 11:13:59 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/ Frame A5D8 20 KB
8 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230828/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 13:56:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Sep 2023 13:56:07 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A5D8 0
0 50ms
48ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_HgWxyWzMPvWDbeAsZ3-4WAQJEt847Arg-7eflDV1aa2IhpvCcERTzbxXGPwSQZf1ycwXbwRZYzIDoOKAQUH-u4et1g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5D8 181 KB
56 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57780
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1693222425768293"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:38:35 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCF2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEJ9UvU9F-EA9858W_T8HuY4&google_cver=1&google_push=AXcoOmTZyyvyYE9gtN21i1_7HD-Mf5RFImAPZGpgrgixYbkk61EYfbIExxP-68Fk9vnny4fYFpE02fP55OuRj59h...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTZyyvyYE9gtN21i1_7HD-Mf5RFImAPZGpgrgixYbkk61EYfbIExxP-68Fk9vnny4fYFpE02fP55OuRj59hmhf8ASsIu8c

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTZyyvyYE9gtN21i1_7HD-Mf5RFImAPZGpgrgixYbkk61EYfbIExxP-68Fk9vnny4fYFpE02fP55OuRj59hmhf8ASsIu8c

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 29 Aug 2023 22:38:35 GMT
Server: MT3 1031 59fd23a master zrh zrh-pixel-x28 config_version:"1524"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTZyyvyYE9gtN21i1_7HD-Mf5RFImAPZGpgrgixYbkk61EYfbIExxP-68Fk9vnny4fYFpE02fP55OuRj59hmhf8ASsIu8c
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 29 Aug 2023 22:38:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCF2
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jmPyxWXSSISeIjPLq6Hy1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jmPyxWXSSISeIjPLq6Hy1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQd0jyycljAJnyHD9M00Bvxcw_8fLQnHSil0WNV7ZHyyXo8ENjxRBmHLMGAibT8vykVQ1PI0l2Eo4lrDGmpbzs16XAO29s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jmPyxWXSSISeIjPLq6Hy1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmQd0jyycljAJnyHD9M00Bvxcw_8fLQnHSil0WNV7ZHyyXo8ENjxRBmHLMGAibT8vykVQ1PI0l2Eo4lrDGmpbzs16XAO29s
date: Tue, 29 Aug 2023 22:38:35 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCF2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJ4CXrRdYkK1OhwYuvSeEdw&google_cver=1&google_push=AXcoOmTGjtZzcAj00Y8w0MSuKOHkTz1Wa3Txg8qVcdxnzpiwxre9_wA-CTDQx3UL-W7nMi2G5kN...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExXVzNSOVEtMUQtNUdRNw==&google_push=AXcoOmTGjtZzcAj00Y8w0MSuKOHkTz1Wa3Txg8qVcdxnzpiwxre9_wA-CTDQx3UL-W7nMi2G5kNzZnl4DJwJtUhRGQkW3gu4RCI

170 B
188 B

46ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExXVzNSOVEtMUQtNUdRNw==&google_push=AXcoOmTGjtZzcAj00Y8w0MSuKOHkTz1Wa3Txg8qVcdxnzpiwxre9_wA-CTDQx3UL-W7nMi2G5kNzZnl4DJwJtUhRGQkW3gu4RCI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExXVzNSOVEtMUQtNUdRNw==&google_push=AXcoOmTGjtZzcAj00Y8w0MSuKOHkTz1Wa3Txg8qVcdxnzpiwxre9_wA-CTDQx3UL-W7nMi2G5kNzZnl4DJwJtUhRGQkW3gu4RCI
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCF2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDo5i6jFzm1dN3VMu6VrKTs&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDo5i6jFzm1dN3VMu6VrKTs&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmQeDFzyvXPKZoXsrN5Qf34uqprR56TgJ...

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDo5i6jFzm1dN3VMu6VrKTs&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmQeDFzyvXPKZoXsrN5Qf34uqprR56TgJL2-YqxTE2WsgcCDFgMeefGLUNy0i9hUKIrhk-mCQt93aM42CX16T6wrjbN98y0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uWR9jnLLinplG6IL1jDoBKr%2FhTe1GXIPYEjZkTGDSWfcQ5Gvyzjh3LLKMmP5gauK%2FzkZHaQjJ77SKVZmNhbOD1Rehzx6nkDUVsY832MzqKQZ7xphTHUmxGMA9qrmJ%2Fiynq8XCAFp9kHsYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDo5i6jFzm1dN3VMu6VrKTs&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmQeDFzyvXPKZoXsrN5Qf34uqprR56TgJL2-YqxTE2WsgcCDFgMeefGLUNy0i9hUKIrhk-mCQt93aM42CX16T6wrjbN98y0
cache-control: no-cache
cf-ray: 7fe84900fbde3608-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BCF2
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEMJpglaX2_mdAEMz0e_bkw0&google_cver=1&google_push=AXcoOmQWcgjQW5_GCeqfq4gb6hB0BwUgfwPcRTJ2YJZORsqdA2OefKDSWA8tctm-JFxruivSQWwzsXvxE8kw...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQWcgjQW5_GCeqfq4gb6hB0BwUgfwPcRTJ2YJZORsqdA2OefKDSWA8tctm-JFxruivSQWwzsXvxE8kwvXAnYnFA9lOlHg

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQWcgjQW5_GCeqfq4gb6hB0BwUgfwPcRTJ2YJZORsqdA2OefKDSWA8tctm-JFxruivSQWwzsXvxE8kwvXAnYnFA9lOlHg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQWcgjQW5_GCeqfq4gb6hB0BwUgfwPcRTJ2YJZORsqdA2OefKDSWA8tctm-JFxruivSQWwzsXvxE8kwvXAnYnFA9lOlHg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 ebda
match.360yield.com/match/ Frame BCF2 43 B
199 B 125ms
30ms Image
image/gif 52.50.63.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEE9NlbVu-0MRxNzulZdsnF8&google_cver=1&google_push=AXcoOmT8WRvJvLG1EqPOXnLrVcaOy25iMY6rRDKa8cM-vOUgdKKL_7teYdLcRWzNMLBCB0Kq5M44Sq2PqCDprDT_d3opq4JHJQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.50.63.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-50-63-74.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:35 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame BCF2 43 B
146 B 204ms
8ms Image
image/gif 52.57.100.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGzWsDGYBrcoQgoz5iVRLDc&google_cver=1&google_push=AXcoOmRxQ4MGs8BD0ZDm2XKakQj533HZJKxnMrvygjpc_SQCGFq-vAJxxZCG1FAsk_2Q5i1eZOF4mBDsiaJ4GOUWDreRXmtvtTSZ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.100.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-100-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BCF2 0
12 B 43ms
43ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IZ3y5IdPLDybj6OXn7SUov0bf8gf9ZDy03b7HyO9iWshluQe5_0JiXzG91QfayYlhsronh8w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 6322 114 KB
14 KB 21ms
21ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j4rmgzn4wmb869fz3cz6he081fhztatzqws4m6t53x3qp9gd4px31bcywfhzzay5s1690acftmgwvrhn79495jtwhtka7v2xcb8f6pzwhq1yhmm7medcsxnncscyp0ktnfv6awkcswcz31qy3w307sw6td57z4c88gh136f76vwwnbc46f1c6mfjam2ch20gdqwt5d13y0p5tfpf3zbacbnngcqg41rn4h8snhm0nh6nxft3erfz35p97kzg7ncev7804k02pdax1pz9e1afnq748v9a6d72tw5bjak44qsb001502jvkes4zzbejj6wxq199h8ec9dj06wph5z5ampkw4pvg3w4k446cb2wb6mebbtacbrk5nt6ekdvmgspz8hzfhj6vnjrvwqjttrd1t8qfa6dh4kq7khydj0epq3ms89b1q3m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1j4rmgzn4wmb869fz3cz6he081fhztatzqws4m6t53x3qp9gd4px31bcywfhzzay5s1690acftmgwvrhn79495jtwhtka7v2xcb8f6pzwhq1yhmm7medcsxnncscyp0ktnfv6awkcswcz31qy3w307sw6td57z4c88gh136f76vwwnbc46f1c6mfjam2ch20gdqwt5d13y0p5tfpf3zbacbnngcqg41rn4h8snhm0nh6nxft3erfz35p97kzg7ncev7804k02pdax1pz9e1afnq748v9a6d72tw5bjak44qsb001502jvkes4zzbejj6wxq199h8ec9dj06wph5z5ampkw4pvg3w4k446cb2wb6mebbtacbrk5nt6ekdvmgspz8hzfhj6vnjrvwqjttrd1t8qfa6dh4kq7khydj0epq3ms89b1q3m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%26client%3Dca-pub-1983042674979462%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559525
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxIxHjO9NyUcN9JqZ9U4e2S%2BlTZScMzvK2hfKjHBTr5w99Cgkqtfd6SDBA%2B4LOgRhWtVvXvhVYSwwfDPeZuA1l0VLXhUp8xASGqnfUnKo2BmI7foD79X%2FgPohVglB10nTPPv2qTkrbw%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe849012cdc914c-FRA
expires: Tue, 29 Aug 2023 23:38:35 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 6322 25 KB
10 KB 20ms
20ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1j4rmgzn4wmb869fz3cz6he081fhztatzqws4m6t53x3qp9gd4px31bcywfhzzay5s1690acftmgwvrhn79495jtwhtka7v2xcb8f6pzwhq1yhmm7medcsxnncscyp0ktnfv6awkcswcz31qy3w307sw6td57z4c88gh136f76vwwnbc46f1c6mfjam2ch20gdqwt5d13y0p5tfpf3zbacbnngcqg41rn4h8snhm0nh6nxft3erfz35p97kzg7ncev7804k02pdax1pz9e1afnq748v9a6d72tw5bjak44qsb001502jvkes4zzbejj6wxq199h8ec9dj06wph5z5ampkw4pvg3w4k446cb2wb6mebbtacbrk5nt6ekdvmgspz8hzfhj6vnjrvwqjttrd1t8qfa6dh4kq7khydj0epq3ms89b1q3m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22086
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XME6iV%2B%2B9C7UR6GjBNmyeNPrURIYbHs7yJNPyz7OqMzkEh0To5BdhYuwdd%2FvvstxQQ2Csb5wNxtahY5lYCt6fRmOlyH%2BsOva1bWwwoP1BC%2BRLFHMeA4vFltUinOkCVpgcjWullo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7fe849012cde914c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 16:30:19 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame DCAE 2 KB
1 KB 18ms
17ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 646361
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7fe849012ce0914c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Un6uqnlQ8pY83g4Wr17jN05S7QI2O0SOgEgoPlrwi595C6Z7NBYRysTa1dEo0HYKb8A3nc64dOGEEns7GlQeI29%2FflsIzw5QChbvmDIKSydk8zL3t38%2FYxcxPJ51pH2Djf5a80s%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EF57 0
0 70ms
69ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=3629789203006036&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame D60F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcdf6025d6bcac09db1f1eadd9e358c76436bb294df0b7d7f1263c865af74ffe

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame ED0D 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0ZXBsw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 5616 114 KB
14 KB 23ms
22ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gavbacjakkvr7pafnbr78zwpjeda4b1x0hgbscc87rfkctvmp95t0m1467vjh12xdx4xnz00ftbrxf143mxfa6tq51kfzt8pp4nt7hevmbs62t51mh271mdd4abd7f2d7jdwemb51jsjk64q5m2qfp7r1437scatnwyh4y2vx2vg0kas0kcxt2wfcjr1z2p9n57v8c0myt0b6nfyhdfhyr228f88mhxb49ba3q0rzbyszz8h0xjz397y8nb6d1x72b5s0bxe5h2yh0q41t1jtz5mvc3zcgjfkp5prcpdrd46b2rxyamk7qdb8jxmta76thww7xw0akdzc4zjqw4d2b7mrakxcbz3t9vct8t59zbryfwz91x5m31cgnpmncjq6vjd1dtxp8wd9xrxmt8qwwmk6pbc8z7qrzc3gs796dndcnvwg9ce&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1gavbacjakkvr7pafnbr78zwpjeda4b1x0hgbscc87rfkctvmp95t0m1467vjh12xdx4xnz00ftbrxf143mxfa6tq51kfzt8pp4nt7hevmbs62t51mh271mdd4abd7f2d7jdwemb51jsjk64q5m2qfp7r1437scatnwyh4y2vx2vg0kas0kcxt2wfcjr1z2p9n57v8c0myt0b6nfyhdfhyr228f88mhxb49ba3q0rzbyszz8h0xjz397y8nb6d1x72b5s0bxe5h2yh0q41t1jtz5mvc3zcgjfkp5prcpdrd46b2rxyamk7qdb8jxmta76thww7xw0akdzc4zjqw4d2b7mrakxcbz3t9vct8t59zbryfwz91x5m31cgnpmncjq6vjd1dtxp8wd9xrxmt8qwwmk6pbc8z7qrzc3gs796dndcnvwg9ce&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%26client%3Dca-pub-1983042674979462%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559525
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e9fjFsapKTu7M2pO8yKZ5z7oUkqeF0%2BxexmpIgi%2FUWXFy1P%2BD9m6LMUDYByUfbz0DR24bztMC60xlnA3WtST%2FLI2aYBImnM7Pw4%2FXqMArPuXjv776ToDw6g3%2BEDtmo45IVe6rmCGLVE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe849019d3f914c-FRA
expires: Tue, 29 Aug 2023 23:38:35 GMT

GET
H3 200 r62eglto.js Show response
ad4m.at/ Frame 5616 25 KB
10 KB 19ms
18ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gavbacjakkvr7pafnbr78zwpjeda4b1x0hgbscc87rfkctvmp95t0m1467vjh12xdx4xnz00ftbrxf143mxfa6tq51kfzt8pp4nt7hevmbs62t51mh271mdd4abd7f2d7jdwemb51jsjk64q5m2qfp7r1437scatnwyh4y2vx2vg0kas0kcxt2wfcjr1z2p9n57v8c0myt0b6nfyhdfhyr228f88mhxb49ba3q0rzbyszz8h0xjz397y8nb6d1x72b5s0bxe5h2yh0q41t1jtz5mvc3zcgjfkp5prcpdrd46b2rxyamk7qdb8jxmta76thww7xw0akdzc4zjqw4d2b7mrakxcbz3t9vct8t59zbryfwz91x5m31cgnpmncjq6vjd1dtxp8wd9xrxmt8qwwmk6pbc8z7qrzc3gs796dndcnvwg9ce&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%26client%3Dca-pub-1983042674979462%26adurl%3D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 11 Jul 2023 16:29:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 22086
etag: W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODe7sWI6HNXwuWMo%2BpgaY8xxE8J0HyScPw2NrXi21tJxzkS9dKyhPOc1P0vjWf8%2BQJJDk7Zh2fdxy6vBbIyzV%2FcvaPcXb6UIhdhV1qKM%2F4XFevxIzvTCqgv3LQpHTL4g2XQ2yfo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 7fe849019d40914c-FRA
alt-svc: h3=":443"; ma=86400
expires: Tue, 29 Aug 2023 16:30:19 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 033D 3 KB
3 KB 22ms
21ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 721
x-guploader-uploadid: ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jykZxK1PqgEaxgr3rRPlCaAE%2BK1J44sj622w708gfIjPV7i7qgvL18kEtTOhSYndo2%2FgU5FOkVDGgw2myiWXm%2FIdUWT18egEDHfA5f%2BBNflmY2gLFCOmD5Nq%2ByCilQE0wZ4qcGHIfGHOallFHB4wm1Xx"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7fe84901ac749064-FRA
expires: Tue, 29 Aug 2023 23:26:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 346C
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEH4pOds-qWOQr8q1oOgL7cA&google_cver=1&google_push=AXcoOmT8U-Auqz75p1yTzWkSNmiBbLWgGusdslgcoOewUun3Tk1lzlT1ut-p2s0IKFBJIUITECkpXkSkA--...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8U-Auqz75p1yTzWkSNmiBbLWgGusdslgcoOewUun3Tk1lzlT1ut-p2s0IKFBJIUITECkpXkSkA--U5uUEfNch_bAAf9RCYw&google_hm=t7s2po5uSxSAZje5MN...

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8U-Auqz75p1yTzWkSNmiBbLWgGusdslgcoOewUun3Tk1lzlT1ut-p2s0IKFBJIUITECkpXkSkA--U5uUEfNch_bAAf9RCYw&google_hm=t7s2po5uSxSAZje5MNjfUsE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmT8U-Auqz75p1yTzWkSNmiBbLWgGusdslgcoOewUun3Tk1lzlT1ut-p2s0IKFBJIUITECkpXkSkA--U5uUEfNch_bAAf9RCYw&google_hm=t7s2po5uSxSAZje5MNjfUsE
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 346C 43 B
245 B 61ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEBEetxjND7rU0W0PcuLMOpg&google_cver=1&google_push=AXcoOmQA43b2c1E8CQ9pwC_fIw_02iJQxTiEEBq6h7wGLIOQp5UMJtqSW5CgBD3bjjWpTLLzmjfPJd7j_1gKyJeSQiCl_pBKCB9_PA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 346C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDEscbfENiE1ONooRS7z1FQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDEscbfENiE1ONooRS7z1FQ&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmSSLcuD91mtnQxsJ4TZ7CVXD1wzpydir...

170 B
188 B

46ms
46ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDEscbfENiE1ONooRS7z1FQ&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmSSLcuD91mtnQxsJ4TZ7CVXD1wzpydir6Whb06bN0U5H0S0woq4MeSLjnfY4QdkRb3f81IaEPLdWyUs0-jVycIbFHHDJXAr

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EB4%2Fr%2BvCvl4DfV6jh6A9Uc8dCui8ptwglqT5yLsl6sTe5EuECZBMT6ADkitcd1JTtBgS1AF0Hz0jaDBmezC30nty205EZovprwd6gdR4aSFqL5eJkls5xA%2B58iEU2IVk9sEAk6P8uCj5Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEDEscbfENiE1ONooRS7z1FQ&google_hm=ZO5za30adzWI0I6hG1ja-QAABL8AAAIB&google_nid=index&google_push=AXcoOmSSLcuD91mtnQxsJ4TZ7CVXD1wzpydir6Whb06bN0U5H0S0woq4MeSLjnfY4QdkRb3f81IaEPLdWyUs0-jVycIbFHHDJXAr
cache-control: no-cache
cf-ray: 7fe84901cca03608-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 346C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDXzJvGvY6DSSpd84VQ9Z5Y&google_cver=1&google_push=AXcoOmT7XRdvNtb0ARsrTIuKbr1AfSts7woiBcYruXXPqYynNViY6CvI_56MOXaIp4S3Q5s4_jcyBoqxTY8iSmC6B...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT7XRdvNtb0ARsrTIuKbr1AfSts7woiBcYruXXPqYynNViY6CvI_56MOXaIp4S3Q5s4_jcyBoqxTY8iSmC6BRkfea5Hg1MM4Q&google_hm=HO_OpGZHCwEuDwomSOqE...

170 B
188 B

46ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT7XRdvNtb0ARsrTIuKbr1AfSts7woiBcYruXXPqYynNViY6CvI_56MOXaIp4S3Q5s4_jcyBoqxTY8iSmC6BRkfea5Hg1MM4Q&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 29 Aug 2023 22:38:35 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmT7XRdvNtb0ARsrTIuKbr1AfSts7woiBcYruXXPqYynNViY6CvI_56MOXaIp4S3Q5s4_jcyBoqxTY8iSmC6BRkfea5Hg1MM4Q&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 346C
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEF43OVVtVXXYzjhdr0ypteQ&google_cver=1&google_push=AXcoOmSqOz6ArdJwps4rOuYBcKKXCv6DZ9MuKSQ0fIKP2z5yaZZJ-38rGLbhXEBqj4BPZW9dvr4o9zJ729oDDJg7...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmSqOz6ArdJwps4rOuYBcKKXCv6DZ9MuKSQ0fIKP2z5yaZZJ-38rGLbhXEBqj4BPZW9dvr4o9zJ729oDDJg7EPih7ywduD9-

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmSqOz6ArdJwps4rOuYBcKKXCv6DZ9MuKSQ0fIKP2z5yaZZJ-38rGLbhXEBqj4BPZW9dvr4o9zJ729oDDJg7EPih7ywduD9-

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 29 Aug 2023 22:38:35 GMT
via: 1.1 f891d17fa862cc74a05434e03fa58dca.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&gdpr=1&gdpr_consent=&google_push=AXcoOmSqOz6ArdJwps4rOuYBcKKXCv6DZ9MuKSQ0fIKP2z5yaZZJ-38rGLbhXEBqj4BPZW9dvr4o9zJ729oDDJg7EPih7ywduD9-
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: kRPl4AdgyP36iTk1ZO157JBxpwiZpzk7pO-ylllQnoxSSGjCuI4mkg==

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 346C 0
44 B 163ms
18ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEOiVNRUmwHddK_q7vV54G20&google_cver=1&google_push=AXcoOmT2K1r7_lCqK-g3ig_BCXn3ejbhbxX3W1cD-c9iUR7YTbcvlnruYqh2FAbvAN9Jct7GUAgLHkr3hcpHpJvGlqPqSJJ3DmAM
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-length: 0

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 346C 43 B
145 B 73ms
8ms Image
image/gif 52.57.100.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEGKobjdzoWoacuR7Pk62yO0&google_cver=1&google_push=AXcoOmS_v5vPSQMe53y5sJbwYUuBTMXlBrRVYjeP6I2PjYsoTz58Fy-IawPnpdBi85RedciluhegW_4z70jFbdJpI0CP_ECxa2bJH8M
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.100.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-100-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 346C 0
12 B 44ms
43ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LGos_MToCcHZA1YeT_d08PACMsDzYDhrYVZiy3Q8bX9GTCmNh4y2DEbP-BKUfOOGXJqKjIEg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 040E 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31d2f53435546ca87cf708c1fc720332bd198252986678d8c1c5cd6077e9df6c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6EDF 0
0 70ms
70ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=3439189426482461&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame C6FE 37 KB
14 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:31:55 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 99E1 0
19 B 81ms
81ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTUAlanPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3AFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ru0Sjjs-Ou_zFSz3t054USiy_cfhF6gEY5TZ1BgghxFB2L4mg-f4EgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTk4MzA0MjY3NDk3OTQ2MhiGuiQ&sigh=rtMZBngaNQY&uach_m=[UACH]&cid=CAQSPABpAlJWz94ePZf2HgDDyfQvK8mjL1I8Lda3VVakYVpZEoezOiBbU5FA04Ay-AbRvp-8O4b46RMwaoDGXRgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755400&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714473&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714638&bpp=3&bdt=1271&idt=240&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7491394414690&rume=1&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1245674851&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077323%2C42531706%2C31076998%2C31061691%2C31061692&oid=2&pvsid=2345678649997198&tmod=867716125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kpazsdq18uxg&fsb=1&dtd=258
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 22:38:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 99E1 0
103 B 68ms
21ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j0qd1z8aw09bzc1n0sdxydxgnvtamx4xkakvv7tvh3y43vb3xrr9pe4jgd5fg5yq4cwx9z5zybxhch475f0dgyc8bmr187q17y6n1cr8jz8tgc24w8f22yf6cdrd9acbfh2kdsamkbn70v96t2p86t21de93skq65gmamfzqsm17n545cksvp3e3zsh9bhwdga45prtd062ffktjz8cq4wyjjq903nkjaeahsz1nkchjchvn86y6vj982cax89bm9t98w1p9bvt1tshbehycbkh3rec6kxrrtvk64g4vvh3y78e74wykdp8ayaqhvbhzkt0b48y3t374h5g55s93yzj197qmnk5tccbyyjhe7a13ksgc0pgcpe0qzbyfe7rh5zps0mtm0&b=ZO5zagAOVo0FkVW9AAnWJzX6AgxtG-bIRgrsAQ&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755400&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714473&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714638&bpp=3&bdt=1271&idt=240&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7491394414690&rume=1&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1245674851&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31077323%2C42531706%2C31076998%2C31061691%2C31061692&oid=2&pvsid=2345678649997198&tmod=867716125&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.kpazsdq18uxg&fsb=1&dtd=258
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CE1E 0
0 69ms
69ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230828&jk=3930112406842115&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 200 frame.html Show response
ad4m.at/ Frame B4F3 2 KB
1 KB 20ms
20ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 646361
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7fe849025de9914c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zVBWzZAyIXxGjUFtmYPaEFKoxBktvkNnYY9CsYWBKuGKDU2D9Xk0Ego7GHjeAjlnprCQavlFVVP6AdggqXts6hiDlRVY7AKRo2EwF5vLZGUX8d4IDTdDEVz1valzl9ErGDQWmk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 sync
x.bidswitch.net/ Frame 85F9 43 B
145 B 11ms
9ms Image
image/gif 52.57.100.136
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEPMcm7okKtI6AStRDcAUDBA&google_cver=1&google_push=AXcoOmRUDDGMArhKo8EG4nsQIjhbHWSZZEO7RvxIZlnmG0oSp2zjMhom6uN5u3V6m-DCEQMABcQ90NGHqixJrV-t_HGAcaVvD7aD
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.100.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-100-136.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 dds
rtb.openx.net/sync/ Frame 85F9 43 B
103 B 20ms
18ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEKoqykYJhA1edZ4Fa4NxNTU&google_cver=1&google_push=AXcoOmTwQbzJc9JfkauFwU2h29XE-16xQOePjXHE9bb6ADuPT3dpZlwsp_0wmwwFcPjWQdP_3LGJ7f2IuToT5BPFhF2C3YdBsvE
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85F9
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jmPyxWXSSISeIjPLq6Hy1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jmPyxWXSSISeIjPLq6Hy1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS8149BVggWPh8groS61IIy_Qgcnba5XlEsZlk1LV8xgW5HEm1ivKD6lN3ATQjReJV1LZQ6cMQ9IdK6dfL50PxjWdZPCF8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=jmPyxWXSSISeIjPLq6Hy1A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmS8149BVggWPh8groS61IIy_Qgcnba5XlEsZlk1LV8xgW5HEm1ivKD6lN3ATQjReJV1LZQ6cMQ9IdK6dfL50PxjWdZPCF8
date: Tue, 29 Aug 2023 22:38:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85F9
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEGS3_6ka_qDmculj-T6qnyE&google_cver=1&google_push=AXcoOmTy6_HPDHsKFoGxR3dkpXWa5ysIQSQayWBNnp41dlwl6Ldjeh-cmetdmvLTdc-KcPVQms_GmX08IXhQTCNk6...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTy6_HPDHsKFoGxR3dkpXWa5ysIQSQayWBNnp41dlwl6Ldjeh-cmetdmvLTdc-KcPVQms_GmX08IXhQTCNk6V5mP61I_0Pn&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTy6_HPDHsKFoGxR3dkpXWa5ysIQSQayWBNnp41dlwl6Ldjeh-cmetdmvLTdc-KcPVQms_GmX08IXhQTCNk6V5mP61I_0Pn&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 29 Aug 2023 22:38:35 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmTy6_HPDHsKFoGxR3dkpXWa5ysIQSQayWBNnp41dlwl6Ldjeh-cmetdmvLTdc-KcPVQms_GmX08IXhQTCNk6V5mP61I_0Pn&google_hm=HO_OpGZHCwEuDwomSOqE4Pnj
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 85F9
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJua-_KjBtpA90hDoxRX9w8&google_cver=1&google_push=AXcoOmSeLmgCDjghW0CJfrEShMT0rtcHLGWH9xeWkamQZybXKXI6L0GXggmObHfPLnvOIaP3Dzy-sZaLizrZ...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSeLmgCDjghW0CJfrEShMT0rtcHLGWH9xeWkamQZybXKXI6L0GXggmObHfPLnvOIaP3Dzy-sZaLizrZ4HvCpR_7jyYur8fc

170 B
188 B

45ms
45ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSeLmgCDjghW0CJfrEShMT0rtcHLGWH9xeWkamQZybXKXI6L0GXggmObHfPLnvOIaP3Dzy-sZaLizrZ4HvCpR_7jyYur8fc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSeLmgCDjghW0CJfrEShMT0rtcHLGWH9xeWkamQZybXKXI6L0GXggmObHfPLnvOIaP3Dzy-sZaLizrZ4HvCpR_7jyYur8fc
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 85F9 0
45 B 60ms
18ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKlUBiRbrDAO1SzAZyVeHkI&google_cver=1&google_push=AXcoOmTgveewTTHUsTTMJZDhTo7OZWF7qux5bup2_ZU5yJ7UFDf-8chBkH114OyPjuLoHCuRHWj4FOCshy3Th3mWi-UGmZJFW8U
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
content-length: 0

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 85F9 0
15 B 11ms
10ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECNK2tEWt5YFAlXktF589eo&google_cver=1&google_push=AXcoOmRG1cPHz33CggPVOQZJE93iPfh8vmL6zq3d0yZf3gRwEhngJsODWRTHRtUQEdEbfWbPmXfVJmp7qj-4MSe1HGA5pl4JW8M1HQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 85F9 0
12 B 44ms
43ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LtnJyx2LwRe2Ja7SV87LPUavXvSa6nYaC43_7IOnW8BDTETHBtas3XqXQL3-oCG949jS_-Fg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AEF6 0
19 B 81ms
80ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_POla3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTcAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVNPN9BytAntwhFSjr6y9WZsTFJmbCVXCAJKDrsKf1tKkbHLMTOP2ABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xOTgzMDQyNjc0OTc5NDYyGIa6JA&sigh=QWJm9AIzYxo&uach_m=[UACH]&cid=CAQSKQBpAlJWvftfdKCv1XNiT0sB4EwNf6QY2v3L7wzp8KK7CpLmyzjje-QlGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 22:38:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame AEF6 0
39 B 37ms
21ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1je1qtdne5g5dmys3pyhgs11xa4z2sprn2ses6yacccres3ab1ajvh9ptc83mnr7wng4bwaem743g78wh3tdrhfypsc7qfsrh7z56m79ztms5aq0nwgdyafjvkqvxw1qphhgg64mzxny6kpg5vcnhpjh7cyjvnwt3v2114bra5bbbma81j211rxpy33rdzvved81xg8a033fqwxj99bmfjmw67bhe3k89wpht81tajg9mscnqz8bx95jqfe6pn0880nhqef5wf6rhyx92qmzbf4anar5ce3yx8kxb6cf2kg1v73f2e88tnkrff5e3ywhv3qym9729hahwsawgbh15n8xbmaxhhetyxrapm0hv2vpbbvbfwt5qhvj9v6nvvmjjj5kkbv9cg&b=ZO5zawAAu6sKwl_BAAMtzyAu2PYf_SYJwDkJsA&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755401&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714542&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714768&bpp=4&bdt=1394&idt=224&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7010718715925&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=246262387&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C31077318%2C31077323%2C31077369%2C31077371%2C31077488%2C44795922%2C31077451&oid=2&pvsid=3972637629488550&tmod=1229654141&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.6kvmdq7en2vx&fsb=1&dtd=237
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:35 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 19E8 37 KB
14 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:31:55 GMT

GET
DATA 200
OK truncated
/ Frame A5D8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dda217d7f8a0cfb768ad013a4d67aef679efc905a8cd70f624d5a6a113355c29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 6322 3 KB
4 KB 25ms
25ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2029
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dy2sNNVxBjZ%2FBzITVbadcRICIpCD6v9jwOjJYYV9qJtfP8MlIB2lzUAkpnLV3NlTmfeD65RrpXIP0s%2FJzqF82ZNTM1uZERIzgK%2F0lpd2n3gjE%2BCZkj0%2Bb3aS0Y%2B1qpo0QjeX0iWl0lCpXQQuTMboZPGP"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7fe84902b87b6916-FRA
expires: Tue, 29 Aug 2023 22:26:33 GMT

GET
H3 200 F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DCA 37 KB
14 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F8SkcvzQj7M3-2pXT2CJHOka8GJR2_XQE30kFDFsEbE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:31:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14626
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 28 Aug 2024 16:31:55 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 8D2C 2 KB
1 KB 23ms
22ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 646361
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7fe84902ee71914c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:35 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH6%2B%2FkNUD7GdcZmhc4npQXboPlSS63UwBJW612BxUlwIKS7ijSVbQ5WSFdHuDOOBx2xVWkUcsv0kSMgKe2HVo7h9leLlauyRo8Tk%2BJdh6al24Liix7SWav98vXoiCO34f9GNtXA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 5616 3 KB
4 KB 23ms
23ms Image
image/png 2606:4700:20::ac43:444e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2029
x-guploader-uploadid: ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zCa8TzmrnAEyHibdXUOUpxXOxOfFxitA9zqtD0QRwg8sAOzH9mEhYfQb1IQu8Hoq4tfN7Sj%2B82YP0d8ntesG79sToPPnCiNHgCEd5TTPYmqgw5N4MIszHbPlj5gnWzuvHKN330ezAB0VNdQXuoYUb5dk"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 7fe84902e8946916-FRA
expires: Tue, 29 Aug 2023 22:26:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D60F 0
19 B 81ms
81ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CskDCa3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE2wFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8ehqnsAWzcppHmdw8R6zENjb0KLfMkjNhmQD3jzy397BoUn0vMDeiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0xOTgzMDQyNjc0OTc5NDYyGIa6JA&sigh=Oswdk07mywY&uach_m=[UACH]&cid=CAQSPABpAlJWAUV7NStCVyjNA0s-VKnZIIn77NdDQu9Y6AU2F_LdFfMRXKJN6-jR2no8ALH1tML6DYy7jlFzuBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 22:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame D60F 0
39 B 22ms
21ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1g8vba6qn3yjdgdggcf7j1c6j5qws2wgyb3h0r62pe1wkzjanjqj7wdrcyx0yaqynrth1a9dvw6xk80h86repnce6227eyvhppdtjaeczm0t458ckcjs76wq2mrd989cjctdzkdyfv727qracbps5y1by1ky0bbhs6npzhm53sgjsxqxctncrdp6eqj9tfp44bcej6erkyysrbjq398wah5keh7v6ym3ms1h7tt9nd5fxhy569fhmmbf4zh8cc3856stmym3hhzzvfzx05p1se2xcv27a3pz1fg55d4mja73xbn1xp06vhsnqmktmrk3jywcyv12mxe30x9xyccbhvnwc0n22vffznsfncwh8b4t4fey5r66pvh1nmndcpmky43c8b28hr&b=ZO5zawACFPUCHkRVAAT4Wj8yw3mOmEuAnPH4Vw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714544&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714786&bpp=3&bdt=1411&idt=291&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=4817295681634&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=1650869316&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759842%2C44759876%2C31077444%2C44796632&oid=2&pvsid=3439189426482461&tmod=1904511278&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.coj4yux3obvd&fsb=1&dtd=306
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H3 200 frame.html Show response
ad4m.at/ Frame 9691 2 KB
1 KB 17ms
16ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 646362
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 7fe849031e9f914c-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 29 Aug 2023 22:38:36 GMT
expires: Wed, 09 Aug 2023 01:00:19 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7prrG8xlEFA97bydjfq9GbVEcAhbOwo04HAyL7hWM9RmUozChctQ08ZabDI8%2BTxJVa9hlTsnHofwOLF5SOUs5AaNXem9ia8%2BJmQHdsqWrAcK3qJHHKwfqKKprcoALSckdC495U%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 99E1 63 KB
23 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e883a277132916576be85df21d216a2689dbc586d66ab57c479fcc0e155612ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 21:57:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2447
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23941
x-xss-protection: 0
server: cafe
etag: 17328101047726939799
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 29 Aug 2023 22:57:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 040E 0
19 B 83ms
83ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CqAkaa3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3AFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcsGHetkSaa3mI-WdhlYThAaKSbu0ZWaFQCffzZD3zto_0GQzDcJQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTk4MzA0MjY3NDk3OTQ2MhiGuiQ&sigh=kMOZ4MIYogk&uach_m=[UACH]&cid=CAQSPABpAlJWy4VPCOGOSDyOzys31dubCCViNN4lgtWB7AQajWFMVONklE_f-AKVbhOisYlYD0HUhlk1VdmkMhgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 22:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame 040E 0
11 B 22ms
22ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1hsv3bn26csmqz85y78m5n324zkraesx3kpjx0j3tnj4kfavj7m5k7fnfbeyxd5he7st6zb9gvcyxwxptmra5s1b91z5gt5r5pfadkhnws31cshm9x54r8wzhd4yr8vvp4r6e3wv1mdtpthf0k88230wsf8t274y86znxax3s67m9zyr2ry4spt66mv9cg7jkmdxxvbn77zhwpa85z2zb03tppbe0bpx116hyb44777jz6pzcmv5sxmyz25zhfwrbahfa4zz2rtmmm2azvpwnxdj7h53jsmgp4f99meetx79y67j5c3deen7yatnszjv6whdkq4kbsp5z9s78vzwt9wkb39zpjsdbkbb1txg7xyeefp6trhpp2ytz8tdgb80fttdmm8jgr&b=ZO5zawABcQQIu-FfAA4aiOSTyI-STFxgQWIC6A&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755398&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714545&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714829&bpp=4&bdt=1442&idt=220&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=7303162312974&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=549433589&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759927%2C44759876%2C44759842%2C31077318%2C31077324%2C31077369%2C42531706&oid=2&pvsid=3629789203006036&tmod=1107824513&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.d2av7eahhq6n&fsb=1&dtd=237
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 53ms
35ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe84903d8c91e58-FRA
content-length: 24
content-type: text/plain
date: Tue, 29 Aug 2023 22:38:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WohMIiU%2BL3hZRivCdat7SpzTy7w9e1%2BJvbmbqnmmmZSCQp2dHSvAKHE6x2YJlWRxKuXSH3FZ96T4hLpb7U9VPRCP1huRG2x1rn3YUd6verV%2B5y1ZOaj872OVonpF5Hcs2JBnuQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-b4lk

POST
H3 200 rs Show response
ad4m.at/ Frame 3673 1 KB
2 KB 38ms
38ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2deaeb14a239457f7147b9b222c8bd89615e7de9b4c61558214ee8b4bb1fa50

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weyMP5ZqIs9PIuChnuGrPoKS2mmT%2B5zXv2HCS0YeNu3COGzQaw8iGAKUAWynPqVBW8GVRNjHqfJPoqm7KSkq6vo7kQDxNR0nMEv9x0%2FEufCVOrPo3URm0fUPQhhif5P%2B2Mupt60%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7fe8490419021e58-FRA
x-backend-server: aa-reachservice-group-europe-west1-n1s0
alt-svc: h3=":443"; ma=86400

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2F81 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PJcHQQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A5D8 0
19 B 84ms
83ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQD75a3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3AFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMB-GpGHaNkRC2O4nRXgskYSnx7XG7z22eFbHRWGJ4zi5Er6gKFc2gAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMTk4MzA0MjY3NDk3OTQ2MhiGuiQ&sigh=WEBjXfD2vd8&uach_m=[UACH]&cid=CAQSPABpAlJW-bd72V0oXkWdUZ8pViBIkw1NqLevQVhLg76tJfZyFsnJU2vqsyteTLHmnXGIUjGX9Cbh9gBPkxgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 29 Aug 2023 22:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 winResponse
prod-rtb.ad4mat.net/ Frame A5D8 0
11 B 22ms
21ms Image
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1k3z6vj2hjsk09wdt1xsqn9z0gvmktk4qpe5amg7fpg4jpk8fs1bypp66cpve3hyjf9cs9wehaetvb71tbtstby21akfn3twhvc6dg7sxdh0rszz4j7j1hacpjs08w26mnevs4g5s7mwed8p1dh4d0mzpjz4185ca81z15fjdhxy332qma3q1nsna0789fsy3be9jdr78nm3ff8xe89xh854hsed7ya6pmb9qpje2rsxrmpngsdspgp9h79kk8p2h9k5aqxvzhyyz0a97m5xky73pgp8gw9781g7nmb089p4vknkhxm4jzsa978ctjsjbs12st87hdws08rf1yhtbhvpw3a9nyy6wbvswnpk6fwxt9f5g80rm990y7xd0vcqxtf28w1x1r&b=ZO5zawACsA4FkUwfAAnzWx3MyR-0lO2n16ELMw&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755403&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1693348714565&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693348714854&bpp=4&bdt=1451&idt=265&shv=r20230828&mjsv=m202308240101&ptt=9&saldr=aa&cookie=ID%3De123d43f24286d94-22b145375fde0095%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg&gpic=UID%3D00000c6b6653fc71%3AT%3D1693348713%3ART%3D1693348713%3AS%3DALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg&correlator=5269668770285&frm=24&ife=1&pv=2&ga_vid=544351479.1693348713&ga_sid=1693348715&ga_hid=812375166&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=988663913&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759875%2C44759842%2C44795922&oid=2&pvsid=3930112406842115&tmod=910314556&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.uzxbdl7zmzy2&fsb=1&dtd=278
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:36 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 34ms
33ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe84903f8dd1e58-FRA
content-length: 24
content-type: text/plain
date: Tue, 29 Aug 2023 22:38:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=00HspJ8gtzlTZxa5LehzhqmAPlneaSwkxdORvK9JlI51UVm65ETqdxH9EHeA8V5Thzjr8IkGVX4FRpwPXKEruiD9quY4Gju3BlT2wSkm1V5Zbs8caMa3OVU%2BN2PfDH5D2274%2B1Q%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n1s0

POST
H3 200 rs Show response
ad4m.at/ Frame E830 1 KB
2 KB 36ms
36ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a58d5e5e3303d8769288e632f884dd5240fff7d0c93e9f4a6dc952dc73ab8712

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P1QNbsl7FJSzAKh4IcoL%2F2gvUeEFjMRoeW%2BWYIB83H5lsOxdK0SXq0lDY0UkSVVWT9%2B7L2QzH492RTYjBx%2FX360mYiriS2vMrPmClJb6AzI7SrIzxmpCWIFbiA2TKgUxjuAUX9o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7fe8490429131e58-FRA
x-backend-server: aa-reachservice-group-europe-west1-n1s0
alt-svc: h3=":443"; ma=86400

POST
H2 204 csi
csi.gstatic.com/ Frame 99E1 0
234 B 133ms
41ms Ping
image/gif 2a00:1450:400f:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~llww3rma&chm=1&ctx=2&gqid=anPuZNbhN8Ti-gbkqonABQ&qqid=CI2KisX3goEDFb1VkQUdJ9YJGA&met.4=fb.8~lb.2e~cmrload.2s~ol.n9~bdt.-1e8~bpp.-eu~idt.-89~dtd.-7r~dt.-ex&met.3=492.b_1~492.c~733.4q~748.5e~749.5l~742.4p_13~739.5t~735.9z_1~738.n9~113.rw_3~113.rz~112.rv_5&met.1=1.llww3quf~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~1.llww3qmq~6.1~7.1~8.1~9.1~10.1~12.2~13.75~14.7c~15.7b~16.8e~17.8e~18.8e~19.uy~20.uy~21.uy&met.7=CAUQCBgBMAE4AQ~CBsQBSAMOLkF~CB4QChgBIA4oDjA8OC1oD3A7eIAMgAHUCYgBgRWwAQG4AQM~CBwQBRgBIBAoEDA4OChoFHA3eJYHgAHqBIgBlgmwAQG4AQM~CBwQChgBIBEoETA8OCtoE3A7eP1CgAHRQIgBvZwBsAEBuAED~CBsQBhgBIBEoETBDODI~CE0QChgBIBEoETB6OGloIHBPeODFA4ABtMMDiAGNpguwAQG4AQM~CCEQBhgBIMUFKMUFMJcGOFJoxgVwlgZ4rAKwAQG4AQM~CBsQBiDFBThF~CCgQChgBIOIGKOIGMJQHODNo4gZwiQd4sb0BgAGFuwGIAYL2A7ABAbgBAw~CAUQCBgBMIgCONoIaAJwgAJ4jY4BgAHhiwGIAeSXA6AB6_3_________AbABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:804::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:36 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 34ms
34ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe8490439271e58-FRA
content-length: 24
content-type: text/plain
date: Tue, 29 Aug 2023 22:38:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5ZQ7%2F371ejS0nPXIvi86MFXiluQjgkqfpMHFzeM5%2FyaTXQlYJ9rE7blUegzNtQIxQuoKkN1yWm28%2Bk0hkXhggFyrWhjsuLMmqYTsHKtaEGypENEY4EQbmZAXOGrIFBhvs3MT9w%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n1s0

POST
H3 200 rs Show response
ad4m.at/ Frame 033D 1 KB
2 KB 36ms
35ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cf274200b414178ec3bc7a872a478e20bb3c890df8420f617c777df1c9e1ab5

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePrRBfRPLXxxuwvpkrWkNa3ydbya3y9aCnv8NSV6KlrS5DHQ7G1dEocJS%2BcsabwLNrBIO1SwGK1H%2F4EhsFZzqgcmRClnTU9arUlvLvPp9faXVUkb8fouQhUZpjOAyJr%2FeylrUtY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7fe84904796b1e58-FRA
x-backend-server: aa-reachservice-group-europe-west1-n1s0
alt-svc: h3=":443"; ma=86400

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9DCF 9 KB
4 KB 29ms
29ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8ceec7a5e4e717902b65087aadda13d0aeaa99a91f5676fb788870d782023b0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1h4x0j05v3njyh4nwt299afvbf2dfxrsfvwm7asttg8xrrnj8k9f8mtevta97nemnfy9n5tvzgpf6qx5defnxggype8jnc7wv25pps0779vrn8msa3zv6de010mw96sqcpj2mgk2fg848bfvfshp3zsc6bcgx13f9bxdj23n0mrf7tbgp7n7mjwd29zkshgwq8hzpdn63kq6c6e8s058gha70wk9tcw2mqnydex70b680zmhf7vf9j023ptqdmyrb70fb2gjgxjt1rxd2vvw7weksd3cjgessg9ds4qw5n5pr7pv5y6mtw5szej0d0rv7capeze8gff0r5bs15drzpmb4n9jehata24bmqjz674f4gv58qdyftsmys3ypfgnkevh12j94txcjbdeqfmz4nmwm613rjezkfztvdn8c1j3gvdkzxakp&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%26client%3Dca-pub-1983042674979462%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe849047fd6914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:36 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 2A0C 9 KB
4 KB 40ms
40ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

975c355858c5c4d64a42bf2c3fba8a8ce0b73c6dab15a7a6b533114105aae998

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1ge89aka5b0k19xtwwr3t0rmctnq61f65geq2xpf29dn7310k06qdfey9z34abnhwfgd87pf2b68k5r9tym4gescnzazt12p13vvpvvbrqs5c28crd1nyj4wngc3efxrjrv4zmecmmqqftqw2765ha5gpwhrpwwzz22zfsxyn96s3m71jk19q31dvcqv0kzfq9rg93nne8xcb7692tqa93sghyre4q3gy9w3fdem1f4ewc4v5w6qasb94d5gxpf2k7wpwdxbdj7gecacb16ayxwgc3phqbaz8yseraeegh3d21k27eqsvdd3sxbtxhd98yxsvvg5qp6ws6w9xkpt2y4k55fdp91g7acxr3vtf3edgbmgpaw04cter94hvkp8yf1g2w4vhyt4hmya2n2wgnvpnymj32wrk2djmctgs6kr1x2p8wz1r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%26client%3Dca-pub-1983042674979462%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe849047fda914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:36 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C6FE 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Bc813g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 6322 2 KB
2 KB 41ms
40ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ddd76cd708e1ed8dd6092703d72990e1494a8b1f3ee09bf29b99a288b5dbe844

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B6iNFNw0tsByKuK741%2FbN3IQpD0OqVkVphYZLpRIEcNpsMpxS6F5nndtK1oK5rMDw9y3juIUe0FlFyLv2jDWmEK%2BC2THdaO4OvH7OtWTacWfuzW8j7SwGyOdaftD7f7CpqFS67A%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7fe84904c9b51e58-FRA
x-backend-server: aa-reachservice-group-europe-west1-n1s0
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 32ms
32ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe84904897c1e58-FRA
content-length: 24
content-type: text/plain
date: Tue, 29 Aug 2023 22:38:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSSkn%2BCPPLIJTYtwu4ZgP737lWNsCJLxFejj5mVBivYDQAIaUnc4mtFQTwpuPF%2FSdh0vVX0zDrOZDhPWR9gqe3t%2F9pkacWmKRpn7PbhOFYls3SKJiHAQQ85B9Ha3KJw7h3aLUAk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-n1s0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 19E8 0
10 B 38ms
38ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MbIytA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 200 rs Show response
ad4m.at/ Frame 5616 1 KB
2 KB 40ms
40ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26d998f38eaf43c5df862c319ce7a21a81fccab9f0bc2922f748cff9ecbee9d2

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1jRbqpD5RkQAPRSB40I155AIZrfXE0%2Bk7ISytlepjcJ9nAz1EtbX79WmHhoAJ6rUKuRAMWarzv%2FjrxdQXOuM9cl2M7VI2sn3%2BGM7q5o%2B%2Fc3Msj8bS%2B8iasd9V9DFqX1kiOhOQZ8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 7fe84904f9d61e58-FRA
x-backend-server: aa-reachservice-group-europe-west1-b4lk
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 33ms
33ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fe84904b9a91e58-FRA
content-length: 24
content-type: text/plain
date: Tue, 29 Aug 2023 22:38:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Yy44HSpdHucQsIT14S3xVEYVsIjPJkwPkgpolIRQnHyFHjEjAC7P6YAggjq8AcuwvBpEMYoIcgR4WqpJC4WiWVuFbKKTepzvagKMolaMzyKGpq19yyLIaI12bv6JIij80gABdaU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-b4lk

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6DCA 0
10 B 43ms
42ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zOAIBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 9DCF 114 KB
14 KB 21ms
20ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559526
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sgVBzf%2B2XLiAeKQIe8dgmKJ1AllqCmNs5z1r3ynwWoLECdgoRdCM4jLu7RtU%2FQQaFzGf2sasQgVWYarxb0VDB%2BInbqVtFvkOJkbfF%2BHCRXa8SSLPxen9GaxVeZd5bQMl1w1zDeZpHww%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe84904c81b914c-FRA
expires: Tue, 29 Aug 2023 23:38:36 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 9DCF 44 KB
44 KB 32ms
16ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1035009
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wdYvAiFXmUJ2gc8%2F%2B7LagwfIiI6ZjLp8hJF2euTUv1qo2kniTOmLgOJ%2BExoqa01UcvumUgmLBerv%2Fv6oRD0cWbg3QJa4E0yPLTJE5BoeQghrbd4Uren6BGVb%2FXv%2FXVG9THyH2rm7JC3D%2BBg1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84904e81418c5-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H2 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 9DCF 699 KB
701 KB 23ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 279231
cf-polished: origFmt=png, origSize=1123807
alt-svc: h3=":443"; ma=86400
content-length: 716228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 14:19:55 GMT
server: cloudflare
etag: "5f84457cb2289c51e589af098eed3611"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmsFGS3oAUmm%2BXQmqJUt6yrKFhv%2FD8vt0l%2BYlmOO96WjndfXzpTpOLF1oQbvXPbPkS5utXaT8Edg%2BNW83OgWGftOR6nQ55xtjEuBVGymRFb5iyKyfWOdvf0WInh387emxpizzttSJCYljO0%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905083218c5-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 9DCF
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1693348716_cac1f990-46bc-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=

0
311 B

26ms
24ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1693348716_cac1f990-46bc-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 7fe849067bdb3a3d-FRA
content-length: 0
expires: -1

Redirect headers

Date: Tue, 29 Aug 2023 22:38:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1693348716_cac1f990-46bc-11ee-898e-223287d3f473&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 9DCF 53 KB
54 KB 20ms
17ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 883673
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jbBxlpCtEZ5i2vLJOH%2BSDxNcW%2B4o9uu%2Bpnbx2a7iDA%2F%2FrSWRDXPvNsRrzXXOV%2FPBhQoUJwEWLAaUfJoWm4XFCei0HnPGYMAYwYw8IOn7e0AST9Lka5AoYSTD4cLAXP5332OhlMWOlM4paxHO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84904f84d914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 9DCF 23 KB
23 KB 28ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 883469
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LdxSrBETS8sZQ8rfbwSy5wSG6VuG9%2Ftuk%2FcVqHkVnU1aFpdC4pQhF53YSifxzAA%2FeDfsjnckT%2Bh6DK%2FvGUCbF%2BZkZdTRemP0j0ZdybaSM1Xwe5tnvPoVnvVDuwU0BmUHeiZ%2BFKDyhvuxilog"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84904f84e914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 9DCF
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLOy5sX3goEDFXTFuwgdl0IPlg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023083000383688402417877X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

139ms
24ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023083000383688402417877X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023083000383688402417877X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 22:38:36 GMT
X-NODEIP: 46.4.41.145
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023083000383688402417877X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023083000383688402417877X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Tue, 29 Aug 2023 22:38:36 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 9DCF 13 KB
14 KB 28ms
25ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1304987
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ocHswbiVGzo4mpSLHe35hXwEBbsu3tvhEIfXeBp3NyaOW6hXkETG6kZmWQi%2BPDr8DkTpj1yXUQtsrDBl3oLljK%2FQXJ1ursxwjAJ5CQN6a7AIeWxV%2BelfPPODFwkRadpMHLR7lP5B3mikFj6"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84904f850914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
assets.ad4m.at/ Frame 9DCF 11 KB
11 KB 36ms
32ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/51ECFC013A5F4D4C3D4DC1C255BF8F138C8B8A67556A0A34EA7C631900B254A0EB5547C19BAB6B3133A765FC8201B8BDAD0A142C2E2304A3FBDC1210CDE43179
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f1298767e4be7239cf28bb31eaada9d1750fbf45f29b2294fcfd4add302bdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 524747
cf-polished: qual=85, origFmt=jpeg, origSize=24400
alt-svc: h3=":443"; ma=86400
content-length: 10938
cf-bgj: imgq:85,h2pri
last-modified: Tue, 20 Jun 2023 13:48:21 GMT
server: cloudflare
etag: "e134bc76c0143a9a962b7159f7d67151"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrK825F4CcQ3WbKuzgT9Wc%2BiExWN24PP3%2FJ%2BXT187S8pBjneKVjbeEPcMwyo6DEoJXM7CKhNkFh%2BC8fybRvT%2BG7kk2RcM5g2mQccRkPsWrgkcuFQGwZflaXdQHMcLligpOszGhUzTMtOWHxq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84904f851914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 9DCF
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CLm05sX3goEDFXPKuwgdnHMJ7A;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=viewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023083000383688402417871X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netm...

49 B
1 KB

97ms
34ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023083000383688402417871X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C19491&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcd&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2C1YRCbf7QTqBbt9HdH9tpC22XcRTKTXEhA&c=300&d=250&e=&g=885c8617ab355a686fcc803c74434f99%2F797953588450959800&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716167&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1knm5nx6dbptsgck36nvtx2239ka1r1w7a35k4js2w03pp3117k4btywcr3hnyzxmyajawqst6gc1wepgmpcsfbzm0qdykjjm2df0w31qmfm39yhbs3sv50drhqjkcdtppj6paay3sf4pbvyyky684ncf2jv67kpm1z7j3t584txh78z7hpdqfw5tr4jbh5efz98pbwdspt74as30bvwhep5jgj49bjxfqvfwbkwb2dy8y50b3d8gxnjx7tsfmddnb0rfgjfqp22my4at6h0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCaK00anPuZI2tOb2rxdwPp6ynwAGQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0EmmIu_lqMqk0Iusz65i75rrDA2axZMeQv4e3qdPQ2GT4rS-Kd92jenSmaiiVnsXHDxdBa4m_0mSDVun61noCjNTwOcRLkp5kMly3lA4HuhBP2VnJwjJ3D6lGYezxrmGX3QO8LJD2p73ICDyigbqjjAyh-AsxMGLvoCUnGJVr2Dj4UElgVybUaRaZ_zHun3G0ba9TSUEBqy_2CSS7hb65x7mUSQ3uUyZs5cRj2dbHoDCly4ruwahr11ZQnuFg7qlRURd2N6GZfLo4C8AOLa3T5rZUE5aN1x8Zr7MkMtRgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1SNNydTNsNsG6JOWbnKJqXBkIMdg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 22:38:36 GMT
X-NODEIP: 46.4.62.19
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2023083000383688402417871X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Tue, 29 Aug 2023 22:38:36 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 645E 12 KB
4 KB 30ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

483c10547e425f2938264825ed7b2a007fee84094dd9df349bd1a39becd4eb00

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1hvhjq58hxyrh0arb5atbtja2d4pf1wmvbgczzwcbsnkw7n52s0jezcjz0ez10kfhnvyakyyn888vmg6e2f3zn9hdmwn2cagvmc2hk2xmcz7vdx7v6ergbye12p5vpg0bfc0ynsbv4ahjxe197d5r600fy7cf4575r5wkbr7rnxfc6yjnb89rnwjefnfyqgz4jenamn4pc1b4m835n7b28qj3n31ygt59na5xyjwetqks1h1jgdcy5618n29bs34z12a5vrb63ry0ffw4ted0g6q3hztrq894kyzmmdz2dvwwkd1cz9exvx1t414mh8n3ebz5s4hdzv139xpze6f618jx1ge6y25c40f5g2dzmtv3jk6pwjmaxw5jv38fr8v6a0fc69zxd75na8mhzxvck787kb5n5v56zmaj3s3cndzc34eb4rb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%26client%3Dca-pub-1983042674979462%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe84904c81d914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:36 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 2A0C 114 KB
14 KB 18ms
17ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559526
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NP5NUQtWycxdNRXBZBPBzbd7DbH4pny8fjHIGpV19ntg0y5H8KRDI88KvUq8%2BbO9V2ot6g61tzEXA7hZzhvQJzCFITLKn%2BM0lDkEZ0pgSnfJJlBU3A00YfNcz%2BG%2Fp9ylXtV21gT1ZPY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe84904e834914c-FRA
expires: Tue, 29 Aug 2023 23:38:36 GMT

GET
H2 200 762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 2A0C 44 KB
44 KB 25ms
24ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1035009
cf-polished: origFmt=png, origSize=65187
alt-svc: h3=":443"; ma=86400
content-length: 44710
cf-bgj: imgq:85,h2pri
last-modified: Tue, 17 Jan 2023 14:45:52 GMT
server: cloudflare
etag: "99941d3864a6d6ef01023c96e0475815"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JbsZBTXV3qtGUsdD4wcIGd7o07a6y5hW81j2hIiF%2BNmpN76MGzrtQMC%2FJ02NbgJlJ0vKwnvapVw2JMNs82HfVk01BhQ9%2BezoRIY2XR9r03KuaPkUW4CfvnXeuNXCX2Mko9p2AfTzFaG1dBA%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84904e81d18c5-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
assets.ad4m.at/ Frame 2A0C 699 KB
700 KB 29ms
28ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/809A17869665BC2442C85C79071F874D279E10AD5A86AE0D4E9E4675B3B2990B582EB8C5DC232E59854D169A2BAE7D6FD3BFE1D9A66864681803B10449FB6A8A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181846
cf-polished: origFmt=png, origSize=1123807
alt-svc: h3=":443"; ma=86400
content-length: 716228
cf-bgj: imgq:85,h2pri
last-modified: Wed, 26 Jul 2023 14:19:55 GMT
server: cloudflare
etag: "5f84457cb2289c51e589af098eed3611"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=810kTD9EQ41geRkw5SucuqeTeDRoz0RCQsCRW07ClzBN7NOQeiRQgH%2BJlbvYhQz1cc%2B71e5%2BhTsPTZhnZk7IKwBi%2FartPqQ%2FjTqlUL%2B7VpGdQUPFBZoNj7TXNyXivhmKGICeDWv%2FwNoZqhDD"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905186b914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 2A0C
Redirect Chain

https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidV8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.conrad.de/ztpv.php?awc=11354_412871_1693348716_cac024d0-46bc-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=

0
494 B

66ms
22ms

Image
text/html

2606:4700::6810:c0cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1693348716_cac024d0-46bc-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Protocol

Server

2606:4700::6810:c0cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
strict-transport-security: max-age=15552000
cf-ccp-worker: HTLPHandler-v1
server: cloudflare
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-cache
cf-ray: 7fe849067bd83a3d-FRA
content-length: 0
expires: -1

Redirect headers

Date: Tue, 29 Aug 2023 22:38:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1693348716_cac024d0-46bc-11ee-8502-226591661de6&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H3 200 D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2A0C 53 KB
54 KB 21ms
19ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 883673
cf-polished: origFmt=png, origSize=115129
alt-svc: h3=":443"; ma=86400
content-length: 54564
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:24 GMT
server: cloudflare
etag: "0a277d59efca0369a6983645e273659e"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xhKCRYpeHJFLyarM3hqZYxCL0tuQ%2FjKZRdyxQzHYRI4R%2FpGtJV%2FYeJ6BLcsRilUd21MfIGDi4TAB3Qj%2By8Elkd6yeQMf%2BJCTDlPVXsC%2FJrF%2F9LQdTmXistPEU1MGIk4hBzwC0KnEHGed%2FPS5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905186e914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame 2A0C 23 KB
23 KB 22ms
20ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 883469
cf-polished: qual=85, origFmt=jpeg, origSize=132437
alt-svc: h3=":443"; ma=86400
content-length: 23154
cf-bgj: imgq:85,h2pri
last-modified: Thu, 09 Dec 2021 17:51:23 GMT
server: cloudflare
etag: "c348b177953ac5720836c04e1a21673d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RF8kVoGmdY2KvWlToBx46irmBz3ECVP2PjsaXu9%2BNP5q22dYCCo9BzgmoSAVFL9ARo4TMC0qNXlUmoQJbx4MLhd1ZuXaWAQtjo5lMkc6COn272%2BYKROfIwFtQzfbROi%2BhPGglLv6GodUPXn5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905186f914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H/1.1

200
OK

/
partner.o2online.de/a/ Frame 2A0C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CL635sX3goEDFeyR_QcdeiEJdg;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
https://www.telefonica-partner.de/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=120211V1226132702M&subid=viewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023083000383688402417875X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Ne...

49 B
1 KB

133ms
19ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023083000383688402417875X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023083000383688402417875X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 22:38:36 GMT
X-NODEIP: 88.99.63.132
Server: nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=120211&s_id=2023083000383688402417875X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0&spid=2023083000383688402417875X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&partnerid=12218
date: Tue, 29 Aug 2023 22:38:36 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 2A0C 13 KB
14 KB 79ms
78ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1304987
cf-polished: origSize=24833, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 13494
cf-bgj: imgq:85,h2pri
last-modified: Tue, 09 Feb 2021 15:11:57 GMT
server: cloudflare
etag: "174bb0dc35647e204b09aa120965604a"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LHCOnra4XnnLihTUyJ15TXvazJlQM4bFNzTYVLdUOUrkkd8hl4ELs4MLsuRZK5sOOQhVKdVW11L9XZ04hBhUN9WkG6YqLKWF9v%2Fm7CgL%2FxaoCMiJ%2FWeVdIJxdg78LKs4CAjD%2BPKomTA8lfZP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe849051871914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
assets.ad4m.at/ Frame 2A0C 27 KB
27 KB 80ms
78ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/BD296E86E998D91867132DA66ADF2A85F2CAF435EEB1621B3B7969B9EEA301A7B7C778E98190EE655C15B3F6F0886739D1832F3029FA7C86F597F5CA85554689
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1f6750b46c0fd1393db6e6f571ef836a29fd11b2d6e9c32e65b784e3b06ea5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1674429
cf-polished: qual=85, origFmt=jpeg, origSize=123474
alt-svc: h3=":443"; ma=86400
content-length: 27302
cf-bgj: imgq:85,h2pri
last-modified: Mon, 10 Jul 2023 13:35:21 GMT
server: cloudflare
etag: "b2c66965c0cae09bbfaa712aade417a6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qyVNMcFcCzSF4KCi5rBQUyuq22wCCPedTim6OdBCeE3lGb6InIQCa610FE2x7oDp9uF1lptgpPw53Cm117QDh2fRfEJotAi%2B1cP9ekbLSP2S8gxMgIFy2%2Bj%2FWPodmSt1g8%2BufcxVO7L330SM"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe849051872914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H/1.1

200
OK

/
partner.blau.de/a/ Frame 2A0C
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed...
https://ad.doubleclick.net/ddm/trackimp/N773418.3163536BLAU_AFFILIATE/B25532621.345088000;dc_pre=CIu45sX3goEDFXif_QcdBVQGcw;dc_trk_aid=536454876;dc_trk_cid=177082088;ord=%7B%7Btimestamp%7D%7D;dc_la...
https://www.telefonica-partner.de/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.lead-alliance.net/tpv.php?t=117663V1225131106M&subid=viewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023083000383688402417873X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Net...

49 B
1 KB

84ms
22ms

Image
image/gif

167.233.13.224
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023083000383688402417873X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C23576%2C197100&b=V8Xuwfr7H1zMSVHbHAtRtE9bhkTzT46hQ%2CYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHr%2C1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhA&f=m8ruefe8CweqsmHZHZtQCJGjTDTwT6rHA%2CqDRUmfD7H757CZHgHDtRCXXxaPTgTVZF3%2CwDgUdfpXcQeAkhEHRH2tEC44JfKTATKbC5&c=300&d=250&e=&g=34a4e2d8435f614a55848caf9b3f0904%2F7011083126979331671&i=21596%2C20774%2C20773&j=16%2C14%2C14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716175&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1k5r9tzc967ttzw53hrzdhd3cjy0xwtr9temkg6kxrk62va17dfdmxw7yxrgj8rjzg7c003h20hvzrj7b3wqkdx45k2w4dr71wk9zqtxpb26f5n6k6sp7fp7jtngtw8c1e407sffs4fjmftfzgm933646n19ay02fgrqb32c5ecvkw2cxzgfg2qh4rkn64b18ef6cyqm6ptb7pbh5d7k97dc8fxakj1drfryz48w1ap834wf7zrc8hvanvcs2md0rszvpvh4cx0k0x3160b0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCnmXDa3PuZKv3AsG_iQbP24zAApDhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTE5ODMwNDI2NzQ5Nzk0NjLIAQmpAkMw1AwpOrI-qAMByAMCqgTfAU_QreRdUiG4UX9FwAmI4A_RG-MbbhpRZLhys7Pv6qpbnA-opQN7hCcEXndNf1ZdWkZzMuREBcEToOsbma4OaqeD4JbbcY6iYRYw96i1FlvFLLG_zLQFE4KgBuhAUIdIOtZ_D_BVsdpupE-pRzY3FuGFcdlUBm909ehPLB9bf5BIFBySrbSTDThHCH67f2SSKlJpgrg34nn56AFKiruVks7_qo0XnXTDF80qTSvzvbS1PBWZEhuVdvFclfy5GZzpkmB9MWbElP3RLMvIe2hdpGKiIl9hqoUDyW-MeDXctVqABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1o6l6UCftJRnKTFMF1HJ2x8MT-7A%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 167.233.13.224 Hallbergmoos, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.224.13.233.167.clients.your-server.de
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Tue, 29 Aug 2023 22:38:36 GMT
X-NODEIP: 78.46.85.162
Server: nginx/1.14.0 (Ubuntu)
RM-PrivacyPolicy: https://www.nonstoppartner.net/
Content-Type: image/gif
P3P: policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection: keep-alive
Keep-Alive: timeout=10
Content-Length: 49

Redirect headers

location: https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=117663&s_id=2023083000383688402417873X117663V1225131106MSviewoneid1YRCbf7QT4QBAc9HdH9tAt22XcRTKTXEhAoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&cons=0
date: Tue, 29 Aug 2023 22:38:36 GMT
x-content-type-options: nosniff
server: nginx
x-xss-protection: 1; mode=block
content-type: text/html; charset=UTF-8

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 645E 114 KB
14 KB 57ms
56ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559526
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLXPwkTcFBbL%2BVqbChU2oi3VlSFVAzMa9wZIq8yVFouuBCCHFbuqfHaqZXxEo6vPCbY1rRYdK3gz6dHLzWWQKvqKwkCFxWd3yuGaqYmTLqnATxXgVVdOl4qtXbh%2Fi5NXts3pKCzlYn0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe849053883914c-FRA
expires: Tue, 29 Aug 2023 23:38:36 GMT

GET
H3 200 63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 645E 8 KB
8 KB 59ms
58ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1301241
cf-polished: origFmt=png, origSize=12956
alt-svc: h3=":443"; ma=86400
content-length: 7692
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 14:32:10 GMT
server: cloudflare
etag: "c6c297b07f296b60586b8613b6e9b5cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mFnweyLVrfJ9lMCtJakTM3EGtQH9QCGEPH6kll0zaMjLIN5I0w7UJT15yHhzCTtP2VLakvGgJATP82YSw9t%2FG5TIX%2B2BlWm%2B4%2FmGh4vDIdn%2BG7yb1VwnEjFQnvjMvFUTZI%2BFWy%2BME8OWAqFH"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe849053884914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 645E 422 KB
423 KB 32ms
31ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2627767
cf-polished: origFmt=png, origSize=632572
alt-svc: h3=":443"; ma=86400
content-length: 432334
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Dec 2021 17:30:00 GMT
server: cloudflare
etag: "ee529fd62e145fb264303add5fb5a944"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WHAFY5pxct%2FF2ZU96qJ7nVEYrfCQwv6UQgYrGFuFsYqOshkK0zVqX36iarFm5zaffa0AxH8eftFjrnutS%2FJDxKWL0A6flLOQWtzacho1rPXuvgQ5AWJHNxhfT05ACkr3CzuYp2ARFZys6cpR"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8490558a7914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 FA9CA61D935C6BA276FF1B68950E437BC73C30EA8D07ABE832EB8EA5FFA419B5E11866E12FA023D2F3B7997F4D87D4003B3997C78782581A74229E6184C72441
assets.ad4m.at/logo/ Frame 645E 9 KB
9 KB 55ms
54ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/FA9CA61D935C6BA276FF1B68950E437BC73C30EA8D07ABE832EB8EA5FFA419B5E11866E12FA023D2F3B7997F4D87D4003B3997C78782581A74229E6184C72441
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6812a4b6f30e6c3cb730dd4cfe01d6c67f680b6c3fb5b294ed89db790e83e759

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1470262
cf-polished: origSize=16818, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 8787
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 09:39:25 GMT
server: cloudflare
etag: "2388a7cd4d7ec3867d9c101735f80455"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4%2BRu63VuoroohYgXkxIcUrVz9Vz6k8sni2U9%2BatRdYnZczDHdWKf61OWKA2qAZIE%2B13GPBYOCvOGEuGJoLAcxv65Y7EUm%2BOLD7KHjGZNZYcQVb53l4W7xEWF0XfNNSIF5gOni97USVyCQBJ"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8490558a9914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 8C8CE920AF3FF4A351EB0C8FDC38B7F930EFEED9A456A2A2D5CEC9953E0EF4F1624567D9BC2A24DFA064026D90D0B0375FE4E1EBBF728876ABF1A216C8E94E07
assets.ad4m.at/product_image/ Frame 645E 123 KB
124 KB 55ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8C8CE920AF3FF4A351EB0C8FDC38B7F930EFEED9A456A2A2D5CEC9953E0EF4F1624567D9BC2A24DFA064026D90D0B0375FE4E1EBBF728876ABF1A216C8E94E07
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3101f75821bd640ea6a402a7fc91ce796a14c3301dae27977ef7e498493d2478

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2586448
cf-polished: origFmt=png, origSize=229500
alt-svc: h3=":443"; ma=86400
content-length: 126008
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 13:55:21 GMT
server: cloudflare
etag: "7dad6cefef5a2fec617572bd0b300847"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JoxMvig7yBrufJj6Kvr7tXm%2BwsbrV3%2Fprt8AAFSwtGsNS4az6MYFEXc5QT385h3ha0%2B6L7tOZQ0A53wvyUC%2F%2FfeRJYnKUWKLn8ot6lypbrzcxkK%2FoDcVgxIzPCKbWmzN1DNNG5MmQVToJMhm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8490558ab914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame 645E 6 KB
7 KB 58ms
56ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2603618
cf-polished: origFmt=png, origSize=15890
alt-svc: h3=":443"; ma=86400
content-length: 6208
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGPCNrIVteTbtvyKbkhRCpMVz6CtMQSbl4%2FXTANxKFw6mGGaIq0dkgPbI71g1ifNeCYMnutCi1kELCfH%2BlGB82wnb1eUZJTJ2S6OKIL%2F5q9S%2BnVFf3YFj0J9anXTTI0gKgYFriOzw4JObNe0"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8490558ad914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame 645E 9 KB
9 KB 59ms
58ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2043551
cf-polished: qual=85, origFmt=jpeg, origSize=25987
alt-svc: h3=":443"; ma=86400
content-length: 8886
cf-bgj: imgq:85,h2pri
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R3jxW632FDo1fG322bB2z4w8X7itdusr5CeMroDp71%2FwVPFTrhwcsPxEMF%2FphmFqevr7uRb4HtN2K7XUSJfCw3n7feXr%2BklfY9oK5JBPx5RP%2Baffd0b%2F%2FGz2uCe8jXhVPnxVdWjJdLH1I6WX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe8490558af914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 645E 43 B
702 B 220ms
177ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 22:38:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 9F12 12 KB
5 KB 69ms
69ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3040f08e08f34fe75c925eb3b2f85fb62b27d374deba100b3ec4eb8ae8b92a3d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1j4rmgzn4wmb869fz3cz6he081fhztatzqws4m6t53x3qp9gd4px31bcywfhzzay5s1690acftmgwvrhn79495jtwhtka7v2xcb8f6pzwhq1yhmm7medcsxnncscyp0ktnfv6awkcswcz31qy3w307sw6td57z4c88gh136f76vwwnbc46f1c6mfjam2ch20gdqwt5d13y0p5tfpf3zbacbnngcqg41rn4h8snhm0nh6nxft3erfz35p97kzg7ncev7804k02pdax1pz9e1afnq748v9a6d72tw5bjak44qsb001502jvkes4zzbejj6wxq199h8ec9dj06wph5z5ampkw4pvg3w4k446cb2wb6mebbtacbrk5nt6ekdvmgspz8hzfhj6vnjrvwqjttrd1t8qfa6dh4kq7khydj0epq3ms89b1q3m&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%26client%3Dca-pub-1983042674979462%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe8490568bb914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:36 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame FB8A 12 KB
5 KB 56ms
55ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a623b36160eec683995e0ba001f6fea1e614d561ce98cc7a9ef27ce747b3ebd3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src ;connect-src https:;default-src 'self';font-src ;form-action 'none';frame-src ;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src 'unsafe-inline'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1gavbacjakkvr7pafnbr78zwpjeda4b1x0hgbscc87rfkctvmp95t0m1467vjh12xdx4xnz00ftbrxf143mxfa6tq51kfzt8pp4nt7hevmbs62t51mh271mdd4abd7f2d7jdwemb51jsjk64q5m2qfp7r1437scatnwyh4y2vx2vg0kas0kcxt2wfcjr1z2p9n57v8c0myt0b6nfyhdfhyr228f88mhxb49ba3q0rzbyszz8h0xjz397y8nb6d1x72b5s0bxe5h2yh0q41t1jtz5mvc3zcgjfkp5prcpdrd46b2rxyamk7qdb8jxmta76thww7xw0akdzc4zjqw4d2b7mrakxcbz3t9vct8t59zbryfwz91x5m31cgnpmncjq6vjd1dtxp8wd9xrxmt8qwwmk6pbc8z7qrzc3gs796dndcnvwg9ce&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%26client%3Dca-pub-1983042674979462%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7fe8490568b7914c-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri https:;child-src *;connect-src https:;default-src 'self';font-src *;form-action 'none';frame-src *;img-src https: data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src https: 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 29 Aug 2023 22:38:36 GMT
expires: 0
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
permissions-policy: accelerometer=(),autoplay=(self),camera=(),display-capture=(),encrypted-media=(self),fullscreen=(),gamepad=(),geolocation=(),gyroscope=(),hid=(),identity-credentials-get=(),idle-detection=*,local-fonts=*,magnetometer=(),microphone=(),midi=(),otp-credentials=(),payment=(),picture-in-picture=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=(),web-share=*,xr-spatial-tracking=()
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H2 429 link.html
track.webgains.com/ Frame 645E 0
0 123ms
27ms Script
text/html 3.10.47.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kzf3n0yrhd7nw96m6wanxj2rdq4dw5m2wscbv701e5jcr01j339wcxzrtdfpyse1t0egn1esqkmsgejaqkbssnbpxnkekzff80bhpjtg75d77x1jckem516tz7tjvmtqd2gm6r1ah3x630tgn88bh4523dzx57s48y9z59271wkdpycaerkatde0g7z08fmvpxzn1kxx4wkak4gz9420x7knjx51gs0wvkh2p941zb93c4mbhf6jmxdc373er6010v0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.47.90 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-47-90.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 9F12 114 KB
14 KB 40ms
40ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559526
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbrv7Tj3ALpdwJWvUhclHog5QmyN6katoccRk57XzeWGLgXRz7EtRdzwzXH1OhA4y6nz%2BeEwYCATT0daj5hx5S85ErXHb8QykbojtdV2Rec6lc5dfslzVEirg9FS9TPmeJw6rJsOtMU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe84905b90b914c-FRA
expires: Tue, 29 Aug 2023 23:38:36 GMT

GET
H3 200 63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
assets.ad4m.at/logo/ Frame 9F12 8 KB
8 KB 39ms
39ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63CADBEA68649ECF1642645CEB25DF73A19E0B4D7735826E76E1CFE7786A55E8278917477BD44BA47017F94D7AA0F7B3A1C8F0FE880A090BE49650B6F1EAF6D9
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1301241
cf-polished: origFmt=png, origSize=12956
alt-svc: h3=":443"; ma=86400
content-length: 7692
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 14:32:10 GMT
server: cloudflare
etag: "c6c297b07f296b60586b8613b6e9b5cd"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hGiiRW%2FgeYx2APcQSeKHnJ7Ry9LxKCVr222dR8Lk6I%2ButTMRYn72mGu62XiLDXcpG%2BwMgO59%2F%2Fd4Rup0gihoMSfHfFGpG8v1ZHNeJjVh2oGq4JYZsE7Tcc6fE5hRAhSm9aMO3ePr0LQ%2FC2U5"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905b90d914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
assets.ad4m.at/product_image/ Frame 9F12 422 KB
423 KB 32ms
18ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/A290FB32C3CD17E30EABAAAC51275DC38FA2A2B372BE62031F552E1A8212BBA05286FFE21393F5511F67356FC5DA6D062DDAC9B6677230AA33BD1E7B84B05A27
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2627767
cf-polished: origFmt=png, origSize=632572
alt-svc: h3=":443"; ma=86400
content-length: 432334
cf-bgj: imgq:85,h2pri
last-modified: Wed, 29 Dec 2021 17:30:00 GMT
server: cloudflare
etag: "ee529fd62e145fb264303add5fb5a944"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoLggp%2Fz5h0q4FsyEGKNWSwadHeBujNEkPuzbgcmGFyGv3r6XftYTSilB4VL4a3aNOgK%2Fy5u18X2LJKA61GFervpsDHzy26cp5Hk26%2BMtl6Mb1iwFz8BQWSHzrecde%2F9WVbHRqnuTh7sI2Sz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905f944914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 FA9CA61D935C6BA276FF1B68950E437BC73C30EA8D07ABE832EB8EA5FFA419B5E11866E12FA023D2F3B7997F4D87D4003B3997C78782581A74229E6184C72441
assets.ad4m.at/logo/ Frame 9F12 9 KB
9 KB 52ms
38ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/FA9CA61D935C6BA276FF1B68950E437BC73C30EA8D07ABE832EB8EA5FFA419B5E11866E12FA023D2F3B7997F4D87D4003B3997C78782581A74229E6184C72441
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6812a4b6f30e6c3cb730dd4cfe01d6c67f680b6c3fb5b294ed89db790e83e759

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1470262
cf-polished: origSize=16818, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 8787
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 09:39:25 GMT
server: cloudflare
etag: "2388a7cd4d7ec3867d9c101735f80455"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuBYT1teVXkZJe3mDfCeZD6CcfHd%2B1wqrKjFe9CPl8G2pU2BSXrwt%2F6GbCRb%2ByUUnDkenpkgSNk%2Fu3SHjh093qab3sSHwHhWWOTdii3eD0yjX%2BPaiFGO9PkJjbm50Z25H1wmOQPOTUMIK8%2F9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905f945914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 8C8CE920AF3FF4A351EB0C8FDC38B7F930EFEED9A456A2A2D5CEC9953E0EF4F1624567D9BC2A24DFA064026D90D0B0375FE4E1EBBF728876ABF1A216C8E94E07
assets.ad4m.at/product_image/ Frame 9F12 123 KB
124 KB 52ms
38ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/8C8CE920AF3FF4A351EB0C8FDC38B7F930EFEED9A456A2A2D5CEC9953E0EF4F1624567D9BC2A24DFA064026D90D0B0375FE4E1EBBF728876ABF1A216C8E94E07
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3101f75821bd640ea6a402a7fc91ce796a14c3301dae27977ef7e498493d2478

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2586448
cf-polished: origFmt=png, origSize=229500
alt-svc: h3=":443"; ma=86400
content-length: 126008
cf-bgj: imgq:85,h2pri
last-modified: Mon, 23 Jan 2023 13:55:21 GMT
server: cloudflare
etag: "7dad6cefef5a2fec617572bd0b300847"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fy1hVpSHlCGvs6n50YXEEtnKDiHq5M5pN1DpOEqmTBpc%2BGayF%2Fw0kXvxDMNkO1BpAEz4QiyDiiefS13z%2FeVqrzUiyFoKY71twmmi%2FKM%2BBSlRiHMpd%2BN8B1sFROEaJOjNW%2BKLfeEQ1jcLbMOC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905f946914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
assets.ad4m.at/logo/ Frame 9F12 6 KB
7 KB 56ms
42ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/63C59000D9C213BF45B1F82F0F2618F31313AAAA8B58CC73D9E650F42FBED7BA4DF9A1F0D5E39C9D50FDF4A5C844FF0FCC1CD3C6A60D5E5960184143530743A4
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2603618
cf-polished: origFmt=png, origSize=15890
alt-svc: h3=":443"; ma=86400
content-length: 6208
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Jul 2020 06:05:30 GMT
server: cloudflare
etag: "be722651a81e6407bdfd83394a59e232"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cmcOSLyhjG9kFLp59DWGosL%2FVgqvlNBO44BmA6Ap69WQTERrHwkID6qW26lmLdvfB5%2B6t06pCy7%2FZkopgQ7EH1ogfeAEy6Wqv80Xh3uR7ohYf%2F2UMnBZUvpPyJEGb1Ys2rF%2BHHb30qMBnNyW"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905f947914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
assets.ad4m.at/product_image/ Frame 9F12 9 KB
9 KB 57ms
43ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1676B5A8D805B79544F31FDF318F71919051388884DEE860E61C018B9F1A57100F3300CCE67F3E220C3E5A469FED99CE509B2A1EDD13F0FB6C8277D894DDF6BE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2043551
cf-polished: qual=85, origFmt=jpeg, origSize=25987
alt-svc: h3=":443"; ma=86400
content-length: 8886
cf-bgj: imgq:85,h2pri
last-modified: Thu, 17 Dec 2020 12:29:34 GMT
server: cloudflare
etag: "d40ef49dd0a29ca0e7601d1b405d4d78"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q8dJxWsckl64pELeyed0Hd3ygVhC%2FGl0bpypMG6QaIwFEiKG3jRwQIsuLNwRjrtpPrl1kYbA6nAB4PfDBT0NeQK%2BUjn0HsgFcr0ihiHhjWIyfjKlbBeZbJbnRUVFG%2BJTtoXStykjz77Si9Ug"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe84905f948914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 9F12 43 B
702 B 137ms
120ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2629118&v=19228&q=388274&r=412871&pv=1&pref3=oneid2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 22:38:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H2 429 link.html
track.webgains.com/ Frame 645E 0
0 95ms
30ms Script
text/html 3.10.47.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4314458&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kb6w4dqz9eda4qd2tksc1cx5q1qt7dhvp9bzmzt6v53hkze73ppdd270p1dan263a4f0914qyg95fap64gjrxb0ad2r278cn25ende92dsqkd5g9e5ee7gb80a0rd0q26kfsvjn93epewb0st8p15re56y1pnztyr0s0rqv19ptbhnmbz9v3fbeeeg7qqqnr76245z0ssrj3g252tctpxdh0qefv2mv1vm39sn1xzqye7xrhq74eq3msj9wf0xr11x0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDceoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=0f5353630d99926386544de5206d8a28%2F4081905152126680695&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716221&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.47.90 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-47-90.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame FB8A 114 KB
14 KB 48ms
35ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1687950287
age: 559526
cf-polished: origSize=117335
x-guploader-uploadid: ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 28 Jun 2023 11:05:15 GMT
server: cloudflare
etag: W/"5d49535c2a84a9762127b3d9e77d7e02"
vary: Accept-Encoding
x-goog-generation: 1687950315098833
content-type: text/css
x-goog-hash: crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tti1EicCzQ5YKTlJu3bTQmBKXyVdeVqSYP4XTevtkXEo9Kv2kiV8JAgTT0igofdvE9cNY0%2FpWQsDypM66TgVGuoKD8ebSWrOZQROpGruINK0W42VIvyEPTmaGCh2Kz0UxxQ3OrKy8II%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 117335
cf-ray: 7fe849060951914c-FRA
expires: Tue, 29 Aug 2023 23:38:36 GMT

GET
H3 200 71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
assets.ad4m.at/logo/ Frame FB8A 10 KB
10 KB 49ms
36ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/71822252443746CAFD12D9E55FD268C1CD4E723FC7E6FEA7C619297C18F60F705EDC75D8C302298612ADE97D145F0B4D195653C63CDD1F77FE140282FF3AC22A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 699394
cf-polished: origFmt=png, origSize=16618
alt-svc: h3=":443"; ma=86400
content-length: 9924
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Aug 2023 20:22:01 GMT
server: cloudflare
etag: "4cd9dc474d501ed5668738ba6819e1e6"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YpB86d1KdSx0a5C5UP0XHxwmqFnjhYJ7YKktsQxbl%2FvMh5fD6iaUGm2MG%2BeHBkmdYgKF%2Flu1CFHbSTaZmlsZWr4xwVBErsI%2Bxp6k5xtwy%2BUZLdlIJVuwCIzYSx5eooG0w8hjcbLZh88xWvUQ"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe849060952914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame FB8A 637 KB
637 KB 44ms
36ms Image
image/png 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1573491
cf-polished: origSize=731561, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 651990
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Mar 2022 07:03:31 GMT
server: cloudflare
etag: "1b69278243c107df5b11186b1f6ca585"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FhfxTYA9lUWcSkYmokA8mfHVlRYnNzOYLu%2BdaGeDFLXolRB9lTxLrHEmFY7LGz2EcwqlVQLNEkM%2BwjQ8dL9N2Bnl1rd5T27%2B4VFBcgbZFUEKV7D9lwSfUnaml3j0cg3TeFlsvMwY5Gkesbbs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe849061961914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 DD764190D6CE80910BC7AF0AB42A0D01A58B48D68E5B29FB01F10153A3070E664C184E4393DFE49B8B93C06F8C00EC83A0ED0915E62BC1292EC3D266B795FB4D
assets.ad4m.at/logo/ Frame FB8A 15 KB
16 KB 66ms
58ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/DD764190D6CE80910BC7AF0AB42A0D01A58B48D68E5B29FB01F10153A3070E664C184E4393DFE49B8B93C06F8C00EC83A0ED0915E62BC1292EC3D266B795FB4D
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a8c55e2a65ab16a22b95904c1e8853cc86c6794f55bb398b58b0cdb42f7d7e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 644226
cf-polished: origFmt=png, origSize=37262
alt-svc: h3=":443"; ma=86400
content-length: 15752
cf-bgj: imgq:85,h2pri
last-modified: Fri, 08 May 2020 23:04:25 GMT
server: cloudflare
etag: "a89fa17c218240e5a9f82c47ff6f59a4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2FVuITA1uufXehFvCoBOEiTwaMOU8GBa2gn5iET207dnuJJbtwTB19jBFeqs2fWfBQ2GlZe32hvaSLsQGqAd%2B0rhQclYV8a1hZVNtQx6gvCoWmdkECwBCP2qGaBMR9hYqiYKVKmCwlojSoSq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe849061963914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 BFA660F4C579A67BFC4FEC1F0BE3FDC649D3AE4EFD32521BEE7E5D753BA8C7AFEF86E209C94227BB718C2AA92E9C7120DB942BD7F9D9EC000E243B6917E8EAFE
assets.ad4m.at/product_image/ Frame FB8A 50 KB
50 KB 67ms
59ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/BFA660F4C579A67BFC4FEC1F0BE3FDC649D3AE4EFD32521BEE7E5D753BA8C7AFEF86E209C94227BB718C2AA92E9C7120DB942BD7F9D9EC000E243B6917E8EAFE
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ebf6b894adb91b35cd1135329e9390d36768d4430b538a2df087a4f5bc31b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 644225
cf-polished: degrade=85, origSize=112842, status=vary_header_present
alt-svc: h3=":443"; ma=86400
content-length: 51046
cf-bgj: imgq:85,h2pri
last-modified: Mon, 11 May 2020 13:22:15 GMT
server: cloudflare
etag: "7778098ecd14772f2698109849e1c874"
vary: X-Goog-Allowed-Resources, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zBLYnRprgbPZr%2BTzX6Tn0%2B2vgMtp3C9%2BmljKyWqb%2FpxOIhbHvcR%2BMiAIM%2Fv%2FmiUwCBiXvAJf6ejI%2BzEnmwZ8%2B5ov%2BkBagrrf26TG%2BuE%2BTTcDPmklOfuBVPD2PZZ5dShn7IRgT1NyC4I4fJK1"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe849061964914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 FE0B78D97BA1F2E5CD2154F6820A1AB9B86F5F439818DF46163CA56E8EE17513C3A0CE54E604EC24901F78DD798D13BAE97E0680454D3977BD86051E08913E70
assets.ad4m.at/logo/ Frame FB8A 4 KB
5 KB 70ms
62ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/FE0B78D97BA1F2E5CD2154F6820A1AB9B86F5F439818DF46163CA56E8EE17513C3A0CE54E604EC24901F78DD798D13BAE97E0680454D3977BD86051E08913E70
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76967d830f6aef06f336d8b7323d7d8a07e08b56080a1b3c8b9ada0b5e7ead26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1916691
cf-polished: origFmt=png, origSize=16545
alt-svc: h3=":443"; ma=86400
content-length: 4432
cf-bgj: imgq:85,h2pri
last-modified: Tue, 27 Sep 2022 13:33:57 GMT
server: cloudflare
etag: "a12a2ed1d853ee0e3231c93bd5bd45d2"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rbhXT8C0t9jEjSC2kvGxRCPO5y5Vft5%2BhpDasNiqwknZErGFyU2n0k1PF4PVGEsovYWhy%2FJ2B1IfVgzyX%2BUvgwrYac%2BgL8g9Z57CDcHS%2BpsNI9OUrWFxXetJiFEunGIo0Pc%2B%2BA7kzf6aAxEq"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe849061965914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H3 200 24C97359018345C62B9D1E833CD308D0FC4079886968BB586800C5A8007C4B15B2D03544D9B4E0842C3C92E9ACC3FB0367D6FA9DB6881A7555CD9F473DC7363A
assets.ad4m.at/product_image/ Frame FB8A 33 KB
33 KB 67ms
62ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/24C97359018345C62B9D1E833CD308D0FC4079886968BB586800C5A8007C4B15B2D03544D9B4E0842C3C92E9ACC3FB0367D6FA9DB6881A7555CD9F473DC7363A
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363d0f434386e451eeda529f507afc653925d1e39143c76b68af0aa6a338ce3c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1031064
cf-polished: qual=85, origFmt=jpeg, origSize=92486
alt-svc: h3=":443"; ma=86400
content-length: 33574
cf-bgj: imgq:85,h2pri
last-modified: Thu, 03 Nov 2022 16:49:21 GMT
server: cloudflare
etag: "9631adcd8ba4c1bf8d61fa68ef9b8f9d"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2F6oa2Kev1xrc9DRH3pQtcbaHOoKGONkFkFt4hiTPgPakw0NDnACzf2bNzz9yXnHkz%2BllM0FrneyeMxa2O300VpB1LLfhV3Ge4Yr5LRt6GFu7ZbsknCVz%2BcJIY%2FWytfFRyO2nE%2FxKKXKoEO1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 7fe849061966914c-FRA
expires: Wed, 30 Aug 2023 22:38:36 GMT

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame FB8A 43 B
704 B 122ms
84ms Image
image/gif 104.64.118.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3247883&v=16798&q=361110&r=412871&pv=1&pref3=oneidj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-118-247.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 29 Aug 2023 22:38:36 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2D3F 0
0 76ms
74ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=2345678649997198&bg=!LC-lL2DNAAYkVgHwBFY7ADQBe5WfOLMS--RjP6KOieOJN3zULdQMv-C8iRkmIXha7WXF5znLm4qkpKeGvSWC0h7oDpVHAgAAAlpSAAAACGgBB5kCxVxpsutuCzV1xXV-MMyIlmBzWiqxJBz_MN6bxVxMvOFGFfyyZ-yXMFKuv1aGNR3uSjntT9BgUUIOJmYcvqCvSph59OjuU8abQNAVLZiY5XjKx3JdxuHAIgAj_E6IZOQMvmcjVd8rkT5ERuUQEbYLaljUhnwfLiureV4g25VeenXDoqj4tA5UDlrWu3PH4ZGhOgUh2sRDxd3hMoPlppvHnp1WMSpomrosFiMsMTkVB8iHHXlwZ0P35eo7d_dpvbH4w5kQReitbV3iBHk6UKmPZkQ2znxMgJH4_5sFrFmhezEQtjGxmd7xE5eyK9K8EHoXKht1zGCc9Y0RjRmBYt_MOVZV2ey9LNm5iVTA0aGuA7ChELy7NDJxhdFJykE7Uo1MASEnfBuTiRAEKruXhgde-eyPEb43PcZg1f3FTcpnVdOrAAm8vuIzIaCebPlwreNbNliFYlJsnUcL0nnARmfXf9VhI-PhUuJz9R8gsJuTCALx-3VgTnNE0cgk8A6WyhVYlMhPCmQePPAnzXO5-NSr-WbwFHGxpncen9Q0Ip-h_rufGSaAhoOC430oA8Uy2u0I8e_oPgVg8lXC6SF0oeonWnKbaiIsLk3144fg_qH-iDpVVaAddjmp13GmNirQ4-l5ceahrVlJEhQh0dwrkXOtHs-IoRwOFuaMwKwcgy9Cpq2y7ixkBEBMyACjDu-AkX_2UfMb9SicKgapGoEgvonVrc1qCaJo0gpXNnXwMD0Rr_y_0QCowMD6N0JOGB4nS1quuzoUQCcFAjoEuzS_MOtOqocC4BDXukDDHdJk5rmotr2ag487VlC2wH6vtjRhxUvrd2iB02rRRWlI2ak0tqhBAkq-wsqTAk--jHjrNNDh9ttQLtIAXhFMH7_KcIbaEzwuClo-YBdiAJSca15nEwwf4MnPexhjaFmyxI3mdi1HUv9fj0T4R4Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H2 429 link.html
track.webgains.com/ Frame 9F12 0
0 34ms
30ms Script
text/html 3.10.47.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hrj44eqe7y31sn4wb6q5qgn3rd72kq7wv9qzxab7zj4kz9jr3z4d6gare3pjxvndwfaz5tvbmend9cx27gva2pt50zjqj65r1sx5122be0vzpw5bgebf6nh6tjr52vw1g5k0bbh96mta4f66fg3gfa559r3q15b69enmdrgdnwxr0964qfddrrtvzegb08ypbyvh8ntvs55hf9a41v0bjsazc8qgst0vexezkg8s6erab4teb56q9yqzd7p0szg0aetj%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.47.90 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-47-90.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 link.html Show response
track.webgains.com/ Frame 9F12 2 KB
2 KB 70ms
69ms Script
text/html 3.10.47.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=4314458&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hsh0cgh3nsckzxmq0r8hf90sd4m6vhx207hz3qb7xkas7bspeb8144jmeeac6gaj79jdrejdjtccvp5x2mzzbryh6wnhwdx2e6c86svaergrbrjbwxw2rpszksxfnxgkw6btqx5p4tqh060w708vdwq822m9x5bz2jbe68qt2f13hgxvm6dtbn610bqxh0dkmaxg5z9cqeqdbqv3nt8e84n09ff7tsn21qy1je77rdwkhpzw0ttx6kmr3xa5y7md6jh2%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDceoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.47.90 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-47-90.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: cdd553ca03bf2b7460d539109d35522f2bdf86b84ab1f91d29ba79791f83e878

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
last-modified: Tue, 29 Aug 2023 22:38:36 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 29 Aug 2023 22:39:36 GMT

GET
H2 429 link.html
track.webgains.com/ Frame FB8A 0
0 31ms
30ms Script
text/html 3.10.47.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1htm847ybjgmkdz8vgx9pqvg8zgyed29kehb6p5n95f03vt21k17ed6v5q9fxj0r9kr5yw5h00yabwqx2rhnsnp710ef5wc9vzcgp3qhtk1e194zqq55fkgpkqd72srr7b250q74f4rbhgxahx35aff17bahbxa1jn9gjej3qyscn0fk6r866a2rccp367cexj5xvd2dh3a5x29semz05qz413p1nne90taqrb7w152r0bfy1rab58qnvf2z2dz6w4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsAoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.47.90 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-47-90.eu-west-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
server: awselb/2.0
content-length: 45
content-type: text/html

GET
H2 200 link.html Show response
track.webgains.com/ Frame FB8A 2 KB
2 KB 82ms
82ms Script
text/html 3.10.47.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2045165&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hhq8771g3wsf2x1stmhcm2154m4m929a62h55y463tnkhmqtsjawkf9yp7rksp80k04nkj40hx1a0649rcaaj801andj2046yt1qyd2jj29chjkbzt0ak5124chc3j44p0ywq24mjym9hp2b5zwnnze51ae200z503aatvsq3f72qvjs7w89c5mzp7cpmrrq6ecwty7d09w9ncn1gcxdrnddcwpzcdx561q2praw74xyssxa06s213kdw0n4dyv%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneid4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHKoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.10.47.90 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-10-47-90.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 15140244740d8e22709b7dbe59a3b01c1b5fb96b8b52d18374faeb3c5d7c92f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:36 GMT
last-modified: Tue, 29 Aug 2023 22:38:36 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Tue, 29 Aug 2023 22:39:36 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 9F12 51 KB
18 KB 66ms
8ms Script
text/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=4314458&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hsh0cgh3nsckzxmq0r8hf90sd4m6vhx207hz3qb7xkas7bspeb8144jmeeac6gaj79jdrejdjtccvp5x2mzzbryh6wnhwdx2e6c86svaergrbrjbwxw2rpszksxfnxgkw6btqx5p4tqh060w708vdwq822m9x5bz2jbe68qt2f13hgxvm6dtbn610bqxh0dkmaxg5z9cqeqdbqv3nt8e84n09ff7tsn21qy1je77rdwkhpzw0ttx6kmr3xa5y7md6jh2%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDceoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5oneid__suite_Netmix_Reach13_BlackFridayPush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:40:54 GMT
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 21463
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: 0-cdJ8yWxZamvHLki97-wPYGV_SqkrifYnILqkBooMwBhceev6qkrQ==

GET
H2 200 1685516558_w7VoAGX8eskIDsMiPrGSzoAxHXwiwJWl.jpg
cdn.track.production.webgains.team/293750/ Frame 9F12 5 KB
6 KB 48ms
8ms Image
image/jpeg 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/293750/1685516558_w7VoAGX8eskIDsMiPrGSzoAxHXwiwJWl.jpg?Expires=1693349016&Signature=UCHzZSdhVu3CzReo8NvE1R1xnyKsd-DxHCNuUZ2FpNk8kAnjeRDXPwn3gYfd~ZLKQE6Juzud1u2J9LexxdLW3sAGYdb8hx3S5Nf9cboK2z9~A66miV5udjYPPacty8l2gzztxoi0evc3MLYPtvswRsRv4GFdo2CddRTZw-ZJqdghLLWCZ4svaSfyGTL25hj1ymZW2l0w6hy26KF2twjnp4fwNAkjDMqTmYar9kGd-3AqvD1hxiJJJ-PsxBs96gotrasUATybwX9whxTTWVm-uACSY6QcxZKnz4BEdfVRk7AGgzLvX11BgY2fpd0YHr9XwmKcV8LKpYqZHK4i7y2jog__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=177100%2C331960%2C64769&b=EbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7%2CwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5%2C2xqt6fRQfxEkJuVHWHkt8tAYAcWT7TEYcg&f=ApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9%2Cg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDce%2C4BxHEf1KsZp4RCGH9HdtzCD9DuZTpTjRHK&c=300&d=250&e=&g=cc9a572ced426c513075b78f58d4cab0%2F10985148051160379145&i=65803%2C83131%2C27835&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716274&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f59796638c7e20f2670b48291fa640999399d26df98e745266819d09a2d3382a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 29 Aug 2023 07:52:25 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified: Wed, 31 May 2023 07:02:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 53171
x-amz-server-side-encryption: AES256
etag: "5f13380fc04441bf12ae889c4e1c8818"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 5356
x-amz-cf-id: MLmG9vbU-iiDnAVK6jpz5KgfnJvJkSzfQ5bFmdTbo6q_da4WB7OFLg==

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame FB8A 51 KB
18 KB 45ms
10ms Script
text/javascript 18.66.147.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2045165&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hhq8771g3wsf2x1stmhcm2154m4m929a62h55y463tnkhmqtsjawkf9yp7rksp80k04nkj40hx1a0649rcaaj801andj2046yt1qyd2jj29chjkbzt0ak5124chc3j44p0ywq24mjym9hp2b5zwnnze51ae200z503aatvsq3f72qvjs7w89c5mzp7cpmrrq6ecwty7d09w9ncn1gcxdrnddcwpzcdx561q2praw74xyssxa06s213kdw0n4dyv%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneid4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHKoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneid2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcgoneid__suite_Netmix_Reach13_BlackFridayPush
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-120.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 16:40:54 GMT
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2023 14:11:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 21463
etag: W/"cb7accb6a6fc086cd831549a78a2fe42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: FcVm4MX08ruhWOTQGE6rpEv6_MxJWsRZI6lHFMOOXd3lYbkrHnyXKw==

GET
H2 200 banner%20120x600.jpg
cdn.track.production.webgains.team/264135/ Frame FB8A 103 KB
103 KB 26ms
9ms Image
image/jpeg 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/264135/banner%20120x600.jpg?Expires=1693349016&Signature=MqbAgcM8wvc-pqYCN-WxzvbfdosywOIxARPgzq4OyI64rzFTR7vKxjcpRVcmafKXJjBVdTh1C~qeedmpIHIRnPM8fnKKcT~80NVQCXUFBZF~t2loVlDh1TFIJW4gqUJLRYGNM5ELUJCizeDyMH4uTAMpvvq6ZRm2miTz26toKMiqDywNLBtouIOy6QuXOS~yNS09YQKK9pg~pyidosLIeDebCTx873Qi2tIAhs8hloRVPUPUwEvtMiuTt3RxK0OYDUflIAdV5hmXXG3K2U745~24eWMXDidt9px5Te14Ij7da4YNyp6rbC0dVTDZAPnxn151fIkT9gNwzoPOSuu4WQ__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=183975%2C24723%2C305597&b=j83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9%2C2xqt6fRQfJgzuVHWHkt8tmemcWT7TEYcg%2Cj83uEfZeS8drxhYHEH2t6t4x5YsKTzTxJc9&f=xDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsA%2C4BxHEf1KsRWKUGH9HdtzCxzxUZTpTjRHK%2CxDwUQfgPSwemASPHdHztDCm3PbcJT6T8ZsA&c=300&d=250&e=&g=10a743ff29d1f3909e97739b1ab69973%2F887098673830650361&i=20597%2C22473%2C83339&j=21%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach13_BlackFridayPush&r=1693348716290&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%2526client%253Dca-pub-1983042674979462%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 94f54661c81da124054968cf2555b727cd2f6df9db1fed49aa8314df0e6b1362

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: null
date: Tue, 29 Aug 2023 03:28:08 GMT
via: 1.1 7fcb41b117930690c299be9cec4a977a.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 10:09:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 69029
etag: "ec6cbec7e316ce99d9af521aeafffab0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 105375
x-amz-cf-id: hXXYzTdXDrHP126VYuF48eFl8TQwcDc6dOJMzJEB33XAmsnVZpKFHg==

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D60F 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_dhTg-6NjQKFtAX7g9IZf0S-6sKpJkxZWkmZM8yDXCLtBzUkll5_k9xPrwSucMcgePXlt9xGW2_Fy76olFCmqiKHTaHNukRndZy3e&sig=Cg0ArKJSzHbuPmjyMlY8EAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&v=20230828&bin=7&avms=nio&bs=0,0&mc=0.54&if=1&vu=1&app=0&itpl=20&adk=4228253406&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693348715451&rpt=274&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame DBCC 0
0 73ms
72ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=3972637629488550&bg=!qqmlqebNAAYkVgHwBFY7ADQBe5WfOA89A3MU9z-YFtLewx2Vu6F57qjtSQA1wxqs-JAOkhIfLreZVQ7aahRVUqaA0BbwAgAAAVJSAAAAHmgBBwoAAeSZAsmNRN4bZgg1VW9I11V9MHxOzgZppjEFGcqqPUHa0GdVCtRWD6rIEz588ps4DY3i9U9dRQNDymfudUU9XvHrV6FaRk5CkId_MyqunUdRIeO1Z69bld5UaKhIMY89BsUbXRCsWYdyI6SGEJgRpTu3myFVADhr5X3M58kWdSGdbtPd2FSMowjxtLldCxAGSwlYfRqFEC5fmGHO736Fv2letqQ8DrFmlMSnSy75AgxR4kVQI-qFWTZmIYXLV34iy4UKP_Ua3Ai03LY6FEEVcsz8NnKVtRSrdJozejkGgRAF9J9ewLhghcK9ASIiKozk0DKni1i3Zz3YMff4Ssbh8qTSLrO_SEMZBGpWPbiAt_ngVEAZ8Fz5sat3cDHZE64464aWwvGZ3_Fg4encpyXbBYdqfRnbtNBfyU8qRcYUJQMrGrD7Nql2QPL033Tf35T5nxcN47MVKe-ZUPGf52uWNEMT9oy3UjwUAzmnICZeEyb9nfBOKKlkpUV_XynwbZOCHj42zpvKNird5eSnk7XR_L0YjKEcJIHjhXHFQgk15bG94E-gRN20jNcKEivb94E0cYG662ft4tj5QX8UcQrgcBUlbrxx40XeFJboqCyGB4ddwQohth62SJER8qEXE8L57iDqMNnITaLhBl07qhsC2VC8JqJlU306mRCouh4ObZmWF74tHid2B-VQ_4Emma3YVIN994sYYv4KkUOu6Fgw1-Bj--nSm25CxVokCY9puGCAJWfMGT9ZaR1dYFGOmcyIY5Gm4EnuewwkJNKSOVSJ1uXtASWqOujpldir8PoJCpQFmEOwx4hXcuy2mVbxVIeSN-T1rxGRwPS4G6qp_hYg0m1gjCFxzcCoDC3sfeBucRKOYY_esIVWotFLRmf3O4HfE65u0d1hbs7H6TJPcWyzd1YPoiQROCbWnuKMrfr9XQJ8y9r1f2Sl9ieMxVhzAw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E52B 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=3629789203006036&bg=!qaqlquXNAAYkVgHwBFY7ADQBe5WfOASl9aUSzQDE7Zy2kMXp8PjCaAHd7oF2Vt1fE8AI2ml_WvxdII3ONG41fI2jJpkPAgAAAUJSAAAACGgBB5kCz72zNDitkO4A-9z4WeHQnPLzbA8KIpuzKLbvQqH4bTl41JMkJCddetp0NnNaYd7OGu2QUVUla0vqLMCsRFmrsp96QMbayeS7osSnaQzYA1Q7tFC5X8SMso5whdvAY5lM8q2yKpWOS0lmYLSXvVCqjHENhe885NBe_CpboUMos4AAxsInCO9rdDRa_dTlkxJ7yWvQrj0IAzUJ_2tCwJYRF-zuH3qS52n9Gxpczboxlwpr5PhGFg5JF7rVZehb02EmcTKs2EHz-JhoqLmGF0JFzfr5qVDLttR2QgSJAoVyqjsT0snyaRh5x9bSINGQcxeCSSAldWJsBkQNusKwUVGYPEC1VOHoRAHweaC5N_plzRLB_mqBhDhn8s6Ls-U9yKSj_G7y9Y0gxkWKjcr9y5uxK7meRPClMLeoe7bfTQ-Fwo_JHC3ktOneq5UcHCMIoPa04pGJdRoYjIvvd5GwqMkovdnPR5X2ylSDtY7WDhGLRqaeDokyyXjndXhMqnfhZsq0myr1j55oRFWm22CLgC5DihGpPix2AcbTk6JgcwiKvoyL_kddVHI5wQq45AeCCiBnpeK3yFSAbWiFvg5P-lKCQN604WL9DqCCusMxvf0S6t-jCbc37zBWTrNuqEdtH7lUmtAAm6ZIEcWRa2AeOSQkjbCA5OYIZhIs1rQ4IXJJCIrD1v4NUQFzz3dUtHqlzlGkp8KAwKPfWHXUBcSz4QHIbI9ErurJX2ZKhaSYTTY2GZxAbkzB1uWZTsnPuRb7UiViubYZvyxtQ79l9kGBk1s_raoDL1l3s76gaiPQcS_e2xCWj-IAmX0PwnrEpSCkKuqaf1O-hHdNBYrgS0JFjZfDq5B6CADO3sPK4O-TH7Q0uksrz4m0dwe0zT_DP3MgvTcMoH8ux3_6feixfgRGNeBDFVTb7407LB00xxmo9lsJ9X73007AZnkHKQ9aCSK_Sc89
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EBC7 0
0 72ms
72ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=3439189426482461&bg=!NDelN3jNAAYkVgHwBFY7ADQBe5WfODCkzP9kKIcHJS1sA0lcj7R5hv8RSWpxV-vprWvzkI3HDMKEvBgPwlWfqgIcRUL7AgAAASBSAAAACGgBB5kCydvbTSZkgOkHQS4vJu3ShTCLn2JFePILSxbt16MJkqvJNQl97zTA4fCn951pIhuvnHegCvPXXhsu1hqmQMWGznoIblzql8BULjMtGJ9nmw5zKPMloXJtML9kg-TWFkozKf3JOqHoAfEbbVhZQUByMM1IjiNF5yHGyVJiSCKSnOwjnJgqCSiLHR3nJBpIyfveKY1-nzFCxfIIU0IB8JQbV_i0wU6EXvxfEAO97_FFBhaeStK0U4cQhxGnshGp_-UMt9VoS-rP2Sz2Hv8D6P86mvcSd3CV0bH8dLvOWAIqRDu__r8uTppDTEobstrou9pxJBmUfHCFTE4tX7jQIBfuZCeZjMULqCYUjiXhud0Ez6UV9oax55G8fJ8hroHWpXhMupIJHUY1IKXrS-o0mhhb-lPs20aKD3fvQCNnNhYfiHiIPk9G7gzbrTdFHU1wdq-6TL1yma46_U6fdGAOxz3YdeKguWCH2QVWrJY2F1BdD42Q3ibU-5UAyTe_l2n0pwbBX9K5XinjkPuTr7rbB2x99zbHqABNF4lMhQFf138atVSQPV0N7L29DQ2EuQHQHOpEKAoffnOZ7SNhuwt2fwPNfJjR5cqwN8PuoeU_WmKGw-RaTAOXoFO2_OqzU7Cn4vYj5q3vqmvK9QsxWnSvrZpEaWlIw3xg0vfwpgzteVWwD-IrcZ4ll9wDsbZUFP4npSPu2UPLSSE4BzEnCGmoSoqVBs-dRc5A7LDlMEG_8nxCvZfWMD1yslvDzIe-eQ-i16sB7Oee83hCzTmv64sMLWAFDraaBm5XZDMYjrMZ9-wsm7noGtFuEbnzGWlqxx-wDTN1D8hqxvQnizCX8uzovur-ooRjjlnDX5T0C1qMjyDwAqfBvlmquuvQ_vlZQriDgzXphvyWyHs5lSleKJgy2ZFVR_j86Fp5SH6J23wFfyxpcbQSG1ukdPJlD2ei
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4A11 0
0 73ms
73ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230828&jk=3930112406842115&bg=!KimlKWbNAAYkVgHwBFY7ADQBe5WfOJewdAXfAokQZllD8bu9tXatE2mZvEQrDY_9xQifJWp0ynL1qktFFCg_gxxGEGVBAgAAAQlSAAAACGgBB5kCuk_m6Nn_C5THNMpzjB3Vv8VBZKHZAVjd5h-WvMeE2Hxco3_obAK5vXUsOzoK3m3HYBVWMbYZHdt840PZiU4LvGroQYSHR3OWns6nqW5IWqjMdnGRFp6l7oBVSLaSbfZFgoz0BMl3orSDGiQB3LFZV_0HZYDGU164c5AAO-5P_yN3Rm7tm4mE4xUcyrpy7XkkYHHEukdTOwvml9Dw6einBdkGYE_Rdyi-CNqDBur_8cyeWohZGMW-B_20yRqLDzxsdvz6rWuz_8Rmn5FV5QjtVcHgynne95536m0nbtff5mj89EFCrwsLdrnqLjQA7OOR4uNetuBiGi3UkPqPXS4cBXwLJ1K2WeNvSYZ2aHjKsB-yF3TJcARsExuyf20BRKZa1Hga1UTCTQ3Utyr_uQPpvEmEmEIqHDSYUkxhpMW8QRM2HlRoFDkQLog8ZxJXJlZ_SgEb5td7k3G40BEiGjjp6zz7v2iXd03cnJAEsaanEKzdS1LQoqszqeHniWHqrZ7YyRJ9afUKyV94Z_HkPkM_HRH6gooQs2Et4JzzfrxFwdOtcvxvRS1NhuBWx4xsgHcDUrg5A70zHl_IAdL41-ktK94kWasFR4J_SHNdSgCEyOyvTdBIcHPTJpHrttcH430bH8dycQz0HfXwuJYlgqvgMeHQkcc_5vtEp34C8seec7h80wt5xrvuqcUVqJFEL8RVMm_ayCs53jtE9j42gwSXWFxepfZgF5d1Vkj5kxaXFcQG7cqw6NcsOc71VnU_tCrqDaQDuGOpmz2I0c4ymA1nB0EJjjSSplAbcmXGNcIiVmFt6UcXSMf8jy5Z0Y4xIZa0fwoK7ZB0pdv4T7AFfLsWc1WNB_1oB5W-Eq6fc1-hvep1AXkMZRp74g-4YN8SHTAkpm-d_rlAhXWVn7Iz93me5jDRIIX5udPwRnM-
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

GET
H/1.1 200
OK idSync
sync.aralego.com/ 35 B
413 B 450ms
103ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:37 GMT
connection: close
content-length: 35
content-type: image/gif

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 9F12 16 B
209 B 62ms
60ms Fetch
application/json 35.179.59.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.59.129 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-59-129.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Aug 2023 22:38:37 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 95ms
19ms Preflight 35.179.59.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.59.129 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-59-129.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:37 GMT
server: nginx

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame FB8A 16 B
209 B 81ms
80ms Fetch
application/json 35.179.59.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.179.59.129 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-179-59-129.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 29 Aug 2023 22:38:37 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 58ms
20ms Preflight 35.179.59.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.179.59.129 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-179-59-129.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:37 GMT
server: nginx

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 2D3F 35 B
413 B 391ms
98ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:37 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame DBCC 35 B
413 B 395ms
102ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:37 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame EBC7 35 B
413 B 393ms
99ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:37 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame E52B 35 B
413 B 387ms
93ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:37 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK idSync
sync.aralego.com/ Frame 4A11 35 B
413 B 394ms
102ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idSync
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Fairfax, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:37 GMT
connection: close
content-length: 35
content-type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 18ms
17ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-PPY9Z37CCJ&gtm=45je38n0&_p=705413750&cid=544351479.1693348713&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1693348713&sct=1&seg=0&dl=https%3A%2F%2Flihkg.com%2Fthread%2F3470022%2Fpage%2F2&dt=%233470022%23%E4%BB%8A%E6%97%A5%E4%BF%BE%E5%80%8B%E8%81%B7%E5%93%A1%E5%8F%AB%E6%88%91%E5%8E%BB%E7%9F%B3%E9%96%80%E6%8B%8E%E5%AD%B8%E7%94%9F%E8%AD%89&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 29 Aug 2023 22:38:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lihkg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/palmate-lihkg/trc/3/ Frame D897 3 KB
2 KB 96ms
80ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-lihkg/trc/3/json?tim=00%3A38%3A39.694&lti=deflated&data=%7B%22id%22%3A680%2C%22ii%22%3A%22%2Fsmj%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693305329359%2C%22vi%22%3A1693348719690%2C%22cv%22%3A%2220230829-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22vpi%22%3A%22%2Fsmj%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A320%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A320%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-gam-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsmj%2CMid%20Article%20Thumbnail%20300x250%3Dthumbnails-gam-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 99442ffdcbca472f9dd7c91b57bd872e32eea3c50761a8370c02d9ab4102387e

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 73
date: Tue, 29 Aug 2023 22:38:39 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7482
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693348720.713902,VS0,VE73
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://pb.lihkg.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/palmate-lihkg/trc/3/ Frame 3686 3 KB
2 KB 96ms
83ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-lihkg/trc/3/json?tim=00%3A38%3A39.699&lti=deflated&data=%7B%22id%22%3A293%2C%22ii%22%3A%22%2Fsmj%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693305329359%2C%22vi%22%3A1693348719698%2C%22cv%22%3A%2220230829-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22vpi%22%3A%22%2Fsmj%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A320%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A320%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-gam-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsmj%2CMid%20Article%20Thumbnail%20300x250%3Dthumbnails-gam-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 490f98c1546f8b02490bd5705e5b6e328698766b64fa67d2999b79171119b02d

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 77
date: Tue, 29 Aug 2023 22:38:39 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7458
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693348720.713883,VS0,VE77
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://pb.lihkg.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 userx.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame D897 17 KB
6 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 723ca45bc19fb07fbebe56f38e0f52626fca12b1f701ba1eefa33bf41b23efca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: skt8UWvYNkGjnz7ZpNLRFS7KR8tL3Le_
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:39 GMT
x-amz-request-id: T7SM0E8J3Y5JTBM9
age: 43051
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: SQ0dE2lkXPfEtWyaalEi2WqEiOU36hHwHGkEmHErudaAT+5J/PY+JKKwBP+Oj3kg5iX/UEbbQbk=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 10:41:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348720.818817,VS0,VE0
etag: "465df069033ddeffaac71b302063aca4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 48
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 30917

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-lihkg/log/3/ Frame D897 0
231 B 56ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-lihkg/log/3/abtests?route=AM:AM:V&lti=deflated&ri=b514dc1c537302e2654c641fca1da7ac&sd=v2_0dbfea2c2b4cf09d15b7061dcc25f771_b1e454ff-1667-4d89-8a25-18d9fb835f4d-tuctbe7f8ef_1693348719_1693348719_CNawjgYQuLpcGMrYy5ukMSABKAEwODib4wlAgYoQSNqc2gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA&ui=b1e454ff-1667-4d89-8a25-18d9fb835f4d-tuctbe7f8ef&pi=/smj&wi=-8323673355417702064&pt=text&vi=1693348719690&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693348719806%7D&tim=00%3A38%3A39.807&id=3405&llvl=2&cv=20230829-7-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 29 Aug 2023 22:38:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 userx.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 3686 17 KB
5 KB 8ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 723ca45bc19fb07fbebe56f38e0f52626fca12b1f701ba1eefa33bf41b23efca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: skt8UWvYNkGjnz7ZpNLRFS7KR8tL3Le_
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:39 GMT
x-amz-request-id: T7SM0E8J3Y5JTBM9
age: 43051
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: SQ0dE2lkXPfEtWyaalEi2WqEiOU36hHwHGkEmHErudaAT+5J/PY+JKKwBP+Oj3kg5iX/UEbbQbk=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 10:41:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348720.837083,VS0,VE0
etag: "465df069033ddeffaac71b302063aca4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 51
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 30918

GET
H2 204 fix-user-id
trc.taboola.com/palmate-lihkg/log/3/ Frame 3686 0
299 B 16ms
15ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/palmate-lihkg/log/3/fix-user-id?lti=deflated&ri=279cc383edce9440ad3c8ad92e214f77&sd=v2_9956d9dffbfebae7cb02f9373dbddd5c_dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef_1693348719_1693348719_CNawjgYQuLpcGNLYy5ukMSABKAEwODib4wlAgYoQSNqc2gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA&ui=dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef&pi=/smj&wi=-8323673355417702064&pt=text&vi=1693348719698&time=1693348719823&fromUser=b1e454ff-1667-4d89-8a25-18d9fb835f4d-tuctbe7f8ef&toUser=dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef&fromSD=v2_0dbfea2c2b4cf09d15b7061dcc25f771_b1e454ff-1667-4d89-8a25-18d9fb835f4d-tuctbe7f8ef_1693348719_1693348719_CNawjgYQuLpcGMrYy5ukMSABKAEwODib4wlAgYoQSNqc2gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA&toSD=v2_9956d9dffbfebae7cb02f9373dbddd5c_dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef_1693348719_1693348719_CNawjgYQuLpcGNLYy5ukMSABKAEwODib4wlAgYoQSNqc2gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA&tim=00%3A38%3A39.823&id=5370&llvl=2&cv=20230829-7-RELEASE&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Aug 2023 22:38:39 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7334
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
pragma: no-cache
server: nginx
x-timer: S1693348720.838224,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-lihkg/log/3/ Frame 3686 0
230 B 38ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-lihkg/log/3/abtests?route=AM:AM:V&lti=deflated&ri=279cc383edce9440ad3c8ad92e214f77&sd=v2_9956d9dffbfebae7cb02f9373dbddd5c_dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef_1693348719_1693348719_CNawjgYQuLpcGNLYy5ukMSABKAEwODib4wlAgYoQSNqc2gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA&ui=dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef&pi=/smj&wi=-8323673355417702064&pt=text&vi=1693348719698&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693348719827%7D&tim=00%3A38%3A39.827&id=429&llvl=2&cv=20230829-7-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 29 Aug 2023 22:38:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 json Show response
trc.taboola.com/palmate-lihkg/trc/3/ Frame BAAB 3 KB
2 KB 89ms
88ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-lihkg/trc/3/json?tim=00%3A38%3A39.850&lti=deflated&data=%7B%22id%22%3A174%2C%22ii%22%3A%22%2Fsmj%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_9956d9dffbfebae7cb02f9373dbddd5c_dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef_1693348719_1693348719_CNawjgYQuLpcGNLYy5ukMSABKAEwODib4wlAgYoQSNqc2gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA%22%2C%22ui%22%3A%22dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef%22%2C%22uifp%22%3A%22dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef%22%2C%22lbt%22%3A1693305329359%2C%22vi%22%3A1693348719844%2C%22cv%22%3A%2220230829-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22vpi%22%3A%22%2Fsmj%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A320%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A320%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Ftheme%3Dlight%26passback%3D1%26platform%3Dmobile-web%26is_mobile%3D1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-gam-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsmj%2CMid%20Article%20Thumbnail%20300x250%3Dthumbnails-gam-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9238b43cdc071efcc3f09db1454c889c86904ce11fb8761dc09e8169b2c2ef48

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 82
date: Tue, 29 Aug 2023 22:38:39 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7147
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693348720.853904,VS0,VE82
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://pb.lihkg.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f498ba5bd6f04bc888e9f258ea48550e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D897 6 KB
7 KB 9ms
5ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba0f85e1ea446943ab6a8d652e5c00228cd06402263dc6e10687a61d57b7533c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 29 Aug 2023 22:38:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
age: 2469709
edge-cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.weser-kurier.de/
content-length: 6186
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100146-IAD, cache-iad-kcgs7200033-IAD, cache-sna10747-LGB, cache-iad-kcgs7200067-IAD, cache-fra-eddf8230067-FRA
last-modified: Tue, 04 Jul 2023 09:10:13 GMT
server: nginx
x-timer: S1693348720.858039,VS0,VE1
etag: "c430ffc725e6b48dab91758ef0877338"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 27, 1

GET
H2 200 c3ae11ee3d8909fdba31be5db6dd5ecb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 3686 16 KB
17 KB 7ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c3ae11ee3d8909fdba31be5db6dd5ecb.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: af880809ebc3490a493fdf0fe3bd2fe3372f37480bfb48cdbbfe0d040dbf605d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 29 Aug 2023 22:38:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c3ae11ee3d8909fdba31be5db6dd5ecb.jpg
age: 1241443
edge-cache-tag: 544051340269768483257890749870413906243,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 544051340269768483257890749870413906243,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1285
req-referer: https://www.sanier.de/
content-length: 16350
x-request-id: 6c47ee3cd8a2c6e9ff71dbccfe2f37fe
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200143-IAD, cache-iad-kjyo7100128-IAD, cache-chi-kigq8000132-CHI, cache-iad-kcgs7200072-IAD, cache-fra-eddf8230067-FRA
last-modified: Tue, 08 Aug 2023 02:03:08 GMT
server: nginx
x-timer: S1693348720.870196,VS0,VE1
etag: "dff11d8d8a628f8fa8499210608757d5"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 9, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba0f85e1ea446943ab6a8d652e5c00228cd06402263dc6e10687a61d57b7533c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Aug 2023 22:38:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
age: 2469709
edge-cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.weser-kurier.de/
content-length: 6186
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100146-IAD, cache-iad-kcgs7200033-IAD, cache-sna10747-LGB, cache-iad-kcgs7200067-IAD, cache-fra-eddf8230067-FRA
last-modified: Tue, 04 Jul 2023 09:10:13 GMT
server: nginx
x-timer: S1693348720.878492,VS0,VE0
etag: "c430ffc725e6b48dab91758ef0877338"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 27, 2

GET
H2 206 https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1684248547%2Fnhh2ovm1zwul5x3op4n5.mp4
videos.taboola.com/taboola/video/fetch/q_auto:low/ Frame D897 57 KB
57 KB 23ms
8ms Media
video/mp4 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://videos.taboola.com/taboola/video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1684248547%2Fnhh2ovm1zwul5x3op4n5.mp4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.44 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

0ae6d5e96fc82e373137e8cd555d4c272430f6752b033f5a7e797c11cfe3881e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://pb.lihkg.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Range: bytes=0-

Response headers

strict-transport-security: max-age=604800
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
date: Tue, 29 Aug 2023 22:38:39 GMT
age: 3764780
x-cache: HIT, HIT
Content-Range: bytes 0-58070/58071
server-timing: cld-akam;mitm=f;dur=257;cpu=108;start=2023-07-17T08:52:19.223Z;desc=miss,rtt;dur=0,cloudinary;dur=145;start=2023-07-17T08:52:19.266Z
Content-Length: 58071
x-backend-name: fastlyshield--shield_cache_iad_kiad7000093_IAD
x-served-by: cache-iad-kiad7000093-IAD, cache-fra-eddf8230067-FRA
last-modified: Sun, 11 Jun 2023 11:57:33 GMT
server: Cloudinary
x-timer: S1693348720.909992,VS0,VE2
etag: "ef90ee8760079022832fa95519d61bdf"
vary: /video/fetch/q_auto:low/https%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Fv1684248547%2Fnhh2ovm1zwul5x3op4n5.mp4
content-type: video/mp4;codecs=avc1
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,Content-Range,Etag,Server-Timing,Vary,X-Cld-Error,X-Content-Type-Options
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 79, 0

GET
H2 204 debug
am-trc-events.taboola.com/palmate-lihkg/log/2/ Frame 3686 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-lihkg/log/2/debug?tim=00%3A38%3A39.896&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2682&cv=20230829-7-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13324

GET
H2 204 debug
am-trc-events.taboola.com/palmate-lihkg/log/2/ Frame D897 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-lihkg/log/2/debug?tim=00%3A38%3A39.879&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6575&cv=20230829-7-RELEASE&lt=deflated&uuid=071f62cb50e1e9698fdd97cd4edb39c65fa667ef47816ef1f26de3e7e6cb7c3f&dcc=1&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13324

GET
H2 200 f498ba5bd6f04bc888e9f258ea48550e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame D897 6 KB
6 KB 7ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba0f85e1ea446943ab6a8d652e5c00228cd06402263dc6e10687a61d57b7533c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Aug 2023 22:38:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
age: 2469709
edge-cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.weser-kurier.de/
content-length: 6186
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100146-IAD, cache-iad-kcgs7200033-IAD, cache-sna10747-LGB, cache-iad-kcgs7200067-IAD, cache-fra-eddf8230067-FRA
last-modified: Tue, 04 Jul 2023 09:10:13 GMT
server: nginx
x-timer: S1693348720.908291,VS0,VE0
etag: "c430ffc725e6b48dab91758ef0877338"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 27, 3

GET
H2 200 userx.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame BAAB 17 KB
6 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 723ca45bc19fb07fbebe56f38e0f52626fca12b1f701ba1eefa33bf41b23efca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: skt8UWvYNkGjnz7ZpNLRFS7KR8tL3Le_
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:39 GMT
x-amz-request-id: T7SM0E8J3Y5JTBM9
age: 43051
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: SQ0dE2lkXPfEtWyaalEi2WqEiOU36hHwHGkEmHErudaAT+5J/PY+JKKwBP+Oj3kg5iX/UEbbQbk=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 10:41:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348720.956336,VS0,VE0
etag: "465df069033ddeffaac71b302063aca4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 30919

GET
H2 200 article-and-feed-area-scanner.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame BAAB 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-and-feed-area-scanner.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c3e4c95c37e68d5d3dfdb24b429218752f19e46fc7bb97a345bbceb4971a11d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: ez2fWxThXX5_oK5K6WbF0kaalMJ.iQv3
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:39 GMT
x-amz-request-id: PBGP7E3YS797E1D5
age: 43180
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1149
x-amz-id-2: rpjpRXF16iAikZMqEXVv4MZFw38MDt+xJBXhJ0+hcpePh3rRb9o1/Y6AxS7IVL/wiXFOFQMRl/Y=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 10:39:00 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348720.956485,VS0,VE0
etag: "d7f88d9d18c2615307fa9de7201cb8e5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 96
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 40297

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-lihkg/log/3/ Frame BAAB 0
230 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-lihkg/log/3/abtests?route=AM:AM:V&lti=deflated&ri=4c23a07263f47931318c01feb2f50e9e&sd=v2_9956d9dffbfebae7cb02f9373dbddd5c_dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef_1693348719_1693348719_CNawjgYQuLpcGOTZy5ukMSACKAEwODib4wlAgYoQSNqc2gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA&ui=dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef&pi=/smj&wi=-8323673355417702064&pt=text&vi=1693348719844&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693348719948%7D&tim=00%3A38%3A39.948&id=9304&llvl=2&cv=20230829-7-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 29 Aug 2023 22:38:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 d818f04afbd9ebdf62c6bd52b4c16f69.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame BAAB 9 KB
9 KB 7ms
7ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d818f04afbd9ebdf62c6bd52b4c16f69.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0da4a3b0915734a131522ad9f339e97820928784dcec1e647f158d016d1714b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 29 Aug 2023 22:38:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d818f04afbd9ebdf62c6bd52b4c16f69.jpeg
age: 34710
edge-cache-tag: 549071134709539405522177109416881562895,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 549071134709539405522177109416881562895,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 378
req-referer: https://www.lefigaro.fr/actualite-france/un-multirecidiviste-de-paroles-de-haine-rachel-khan-sort-du-silence-apres-les-dires-de-medine-qualifies-d-antisemites-20230828
content-length: 8704
x-request-id: f7e893224b4dca4d7c079bf02122b704
x-backend-name: LA_nlb201
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kiad7000062-IAD, cache-sna10749-LGB, cache-iad-kjyo7100150-IAD, cache-fra-eddf8230067-FRA
last-modified: Mon, 28 Aug 2023 17:07:50 GMT
server: nginx
x-timer: S1693348720.965652,VS0,VE1
etag: "3ea07a5781db7ab7becf362caa287075"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 204 debug
am-trc-events.taboola.com/palmate-lihkg/log/2/ Frame BAAB 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-lihkg/log/2/debug?tim=00%3A38%3A39.964&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2270&cv=20230829-7-RELEASE&lt=deflated&uuid=2eb7e228d36a7ce02a505355f8d84220002408daff0f499f8828a439c1afdfdc&dcc=1&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14243

GET
H2 200 json Show response
trc.taboola.com/palmate-lihkg/trc/3/ Frame 718F 3 KB
2 KB 98ms
98ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-lihkg/trc/3/json?tim=00%3A38%3A40.210&lti=deflated&data=%7B%22id%22%3A928%2C%22ii%22%3A%22%2Fsmj%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_9956d9dffbfebae7cb02f9373dbddd5c_dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef_1693348719_1693348719_CNawjgYQuLpcGOTZy5ukMSACKAEwODib4wlAgYoQSNqc2gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA%22%2C%22ui%22%3A%22dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef%22%2C%22uifp%22%3A%22dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef%22%2C%22lbt%22%3A1693305329359%2C%22vi%22%3A1693348720209%2C%22cv%22%3A%2220230829-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26is_mobile%3D1%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22cmps%22%3A1%2C%22ga%22%3Atrue%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fpb.lihkg.com%2Fsmj%3Ftheme%3Dlight%26is_mobile%3D1%22%2C%22vpi%22%3A%22%2Fsmj%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A250%2C%22dw%22%3A300%2C%22dh%22%3A250%2C%22qs%22%3A%22%3Ftheme%3Dlight%26is_mobile%3D1%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-gam-300x250%3Aabp%3D0%22%2C%22uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22orig_uip%22%3A%22Mid%20Article%20Thumbnail%20300x250%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A300%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fsmj%2CMid%20Article%20Thumbnail%20300x250%3Dthumbnails-gam-300x250%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9586082d2429022157beddd5f9de6a3c714ce987ad520ae63a8836125e311b61

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 92
date: Tue, 29 Aug 2023 22:38:40 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7331
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1693348720.213560,VS0,VE92
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://pb.lihkg.com
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 userx.20230829-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 718F 17 KB
6 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230829-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 723ca45bc19fb07fbebe56f38e0f52626fca12b1f701ba1eefa33bf41b23efca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: skt8UWvYNkGjnz7ZpNLRFS7KR8tL3Le_
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:40 GMT
x-amz-request-id: T7SM0E8J3Y5JTBM9
age: 43051
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: SQ0dE2lkXPfEtWyaalEi2WqEiOU36hHwHGkEmHErudaAT+5J/PY+JKKwBP+Oj3kg5iX/UEbbQbk=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Tue, 29 Aug 2023 10:41:09 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1693348720.321345,VS0,VE0
etag: "465df069033ddeffaac71b302063aca4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 52
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 30920

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-lihkg/log/3/ Frame 718F 0
230 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-lihkg/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9819d9fa4d29e47a41b5fe854b01f957&sd=v2_9956d9dffbfebae7cb02f9373dbddd5c_dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef_1693348719_1693348720_CNawjgYQuLpcGNHcy5ukMSADKAEwODib4wlAgYoQSNqc2gNQ____________AVgAYABo8Yjmp8nnrMKLAXAA&ui=dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef&pi=/smj&wi=-8323673355417702064&pt=text&vi=1693348720209&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693348720315%7D&tim=00%3A38%3A40.316&id=8241&llvl=2&cv=20230829-7-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 29 Aug 2023 22:38:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/palmate-lihkg/log/2/ Frame 718F 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-lihkg/log/2/debug?tim=00%3A38%3A40.328&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8715&cv=20230829-7-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Tue, 29 Aug 2023 22:38:40 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15402

GET
H2 200 f498ba5bd6f04bc888e9f258ea48550e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 718F 6 KB
7 KB 6ms
6ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba0f85e1ea446943ab6a8d652e5c00228cd06402263dc6e10687a61d57b7533c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Aug 2023 22:38:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
age: 2469709
edge-cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.weser-kurier.de/
content-length: 6186
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100146-IAD, cache-iad-kcgs7200033-IAD, cache-sna10747-LGB, cache-iad-kcgs7200067-IAD, cache-fra-eddf8230067-FRA
last-modified: Tue, 04 Jul 2023 09:10:13 GMT
server: nginx
x-timer: S1693348720.332918,VS0,VE0
etag: "c430ffc725e6b48dab91758ef0877338"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 27, 4

GET
H2 200 f498ba5bd6f04bc888e9f258ea48550e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 718F 6 KB
6 KB 9ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ba0f85e1ea446943ab6a8d652e5c00228cd06402263dc6e10687a61d57b7533c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Aug 2023 22:38:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f498ba5bd6f04bc888e9f258ea48550e.jpg
age: 2469709
edge-cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 586015311461799713573492966267005842837,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 214
expiration: expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.weser-kurier.de/
content-length: 6186
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100146-IAD, cache-iad-kcgs7200033-IAD, cache-sna10747-LGB, cache-iad-kcgs7200067-IAD, cache-fra-eddf8230067-FRA
last-modified: Tue, 04 Jul 2023 09:10:13 GMT
server: nginx
x-timer: S1693348720.342585,VS0,VE0
etag: "c430ffc725e6b48dab91758ef0877338"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 27, 5

POST
H2 204 visible Show response
trc.taboola.com/palmate-lihkg/log/3/ Frame D897 0
316 B 15ms
14ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-lihkg/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
date: Tue, 29 Aug 2023 22:38:40 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7346
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
pragma: no-cache
server: nginx
x-timer: S1693348721.843780,VS0,VE8
content-type: image/gif
access-control-allow-origin: https://pb.lihkg.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/palmate-lihkg/log/3/ Frame D897 0
75 B 15ms
15ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-lihkg/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Aug 2023 22:38:40 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7553
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v2
x-served-by: cache-fra-eddf8230067-FRA
pragma: no-cache
server: nginx
x-timer: S1693348721.844451,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://pb.lihkg.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/palmate-lihkg/log/3/ Frame 3686 0
68 B 23ms
23ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-lihkg/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 17
date: Tue, 29 Aug 2023 22:38:40 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7778
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
pragma: no-cache
server: nginx
x-timer: S1693348721.859806,VS0,VE17
content-type: image/gif
access-control-allow-origin: https://pb.lihkg.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame D897 254 B
738 B 7ms
7ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 29 Aug 2023 22:38:40 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 683
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1693348721.883589,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 67
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 129

POST
H2 204 bulk Show response
trc.taboola.com/palmate-lihkg/log/3/ Frame BAAB 0
300 B 16ms
15ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-lihkg/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Aug 2023 22:38:40 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7518
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
pragma: no-cache
server: nginx
x-timer: S1693348721.959589,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://pb.lihkg.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d818f04afbd9ebdf62c6bd52b4c16f69.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0da4a3b0915734a131522ad9f339e97820928784dcec1e647f158d016d1714b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 29 Aug 2023 22:38:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_200%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d818f04afbd9ebdf62c6bd52b4c16f69.jpeg
age: 34711
edge-cache-tag: 549071134709539405522177109416881562895,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
cache-tag: 549071134709539405522177109416881562895,409727528766170011329604497963433340809,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 378
req-referer: https://www.lefigaro.fr/actualite-france/un-multirecidiviste-de-paroles-de-haine-rachel-khan-sort-du-silence-apres-les-dires-de-medine-qualifies-d-antisemites-20230828
content-length: 8704
x-request-id: f7e893224b4dca4d7c079bf02122b704
x-backend-name: LA_nlb201
x-served-by: cache-iad-kcgs7200159-IAD, cache-iad-kiad7000062-IAD, cache-sna10749-LGB, cache-iad-kjyo7100150-IAD, cache-fra-eddf8230067-FRA
last-modified: Mon, 28 Aug 2023 17:07:50 GMT
server: nginx
x-timer: S1693348721.968820,VS0,VE0
etag: "3ea07a5781db7ab7becf362caa287075"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 2

POST
H2 204 bulk Show response
trc.taboola.com/palmate-lihkg/log/3/ Frame 718F 0
339 B 15ms
15ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-lihkg/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Tue, 29 Aug 2023 22:38:41 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7502
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230067-FRA
pragma: no-cache
server: nginx
x-timer: S1693348721.325899,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://pb.lihkg.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame D897 3 KB
2 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:41 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 3162
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693348722.798648,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 80
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 6439

GET
H2 200 / Show response
pips.taboola.com/ Frame D897 64 B
99 B 39ms
7ms XHR
text/plain 2a04:4e42::300

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: 5b0143573d10639a93b9448b1ebfe1379a49e885accd47b37b3cdd14db2e468b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230056-FRA
date: Tue, 29 Aug 2023 22:38:41 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://pb.lihkg.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 3686 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:41 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 3162
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693348722.825875,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 37
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 6440

GET
H2 200 / Show response
pips.taboola.com/ Frame 3686 64 B
243 B 10ms
6ms XHR
text/plain 2a04:4e42::300

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: 5b0143573d10639a93b9448b1ebfe1379a49e885accd47b37b3cdd14db2e468b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230056-FRA
date: Tue, 29 Aug 2023 22:38:41 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://pb.lihkg.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame 3686 0
82 B 286ms
89ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef&uad=c6670ba74f4332547bf31bf9937a31573a81a16e7f1ccc10b8d7c86ff5ce6e2f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:42 GMT
cache-control: no-store
server: nginx

GET
H2 204 / Show response
cds.taboola.com/ Frame D897 0
82 B 587ms
101ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=b1e454ff-1667-4d89-8a25-18d9fb835f4d-tuctbe7f8ef&uad=c6670ba74f4332547bf31bf9937a31573a81a16e7f1ccc10b8d7c86ff5ce6e2f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:42 GMT
cache-control: no-store
server: nginx

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame BAAB 3 KB
1 KB 8ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:41 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 3162
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693348722.948355,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 83
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 6442

GET
H2 200 ifs.js Show response
cdn.taboola.com/scripts/ Frame BAAB 2 KB
1 KB 8ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/ifs.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e17075cf2f747253cb3c737891be0f417b8f4330ddab9d53013bdd4ebca568ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: hHYTz8VC1WtMBCSsI42K1YQZ3IXPhs3V
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:41 GMT
x-amz-request-id: KKZE0W22J1Q7ZPPB
age: 27682
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 988
x-amz-id-2: F3ExyTtzzLXbbwz7WQILBmBt6cjE6RenLxc+8NkWagS7KTru7zRUQmU5Zesa1HFzMZoAEXa9Ges=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Sun, 12 Mar 2023 12:23:45 GMT
server: AmazonS3
x-timer: S1693348722.948331,VS0,VE0
etag: "93d5bb91c9a48c4edbc164a65354b00c"
vary: Accept-Encoding
content-type: application/javascript
abp: 86
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 21362

GET
H2 200 cwc.es5.js Show response
cdn.taboola.com/scripts/ Frame BAAB 743 B
724 B 8ms
8ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cwc.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 019490d9fcabbdcba7d3ffa9bf83e2769915d0a516b617558172297b9fc437f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: IYbtgS7TGj76rfUv8k6SvppRdu.fLwnH
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:41 GMT
x-amz-request-id: 6F9CVK5C8W7H262W
age: 5
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 405
x-amz-id-2: bYmU3EUXu+5HUNVe9DmRLL+ljjq7NCqn56rZ5XuNqNAB9lG/BJh2wPScThMy4K3jxPpNQz2JoZw=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Mon, 18 Jul 2022 11:56:22 GMT
server: AmazonS3
x-timer: S1693348722.948427,VS0,VE0
etag: "c7297e1aade4377754403b305af75d61"
vary: Accept-Encoding
content-type: application/javascript
abp: 0
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 / Show response
pips.taboola.com/ Frame BAAB 64 B
99 B 7ms
6ms XHR
text/plain 2a04:4e42::300

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: 5b0143573d10639a93b9448b1ebfe1379a49e885accd47b37b3cdd14db2e468b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230056-FRA
date: Tue, 29 Aug 2023 22:38:41 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://pb.lihkg.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 200 / Show response
tsdtocl.com/ Frame 1650 786 B
1 KB 37ms
6ms Document
text/html 151.101.65.44

General

Check archive.org

Show headers Download Go to

Full URL: https://tsdtocl.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/ifs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1511
content-length: 786
content-type: text/html
date: Tue, 29 Aug 2023 22:38:41 GMT
etag: "fb5a4594b9ffef704d61bb6e6f80f145"
last-modified: Wed, 05 Jan 2022 19:36:57 GMT
server: AmazonS3
via: 1.1 varnish
x-amz-id-2: j+S9y/AskIf0AU324ogEYR/qYD5SZFoGeSO6dw70LYM37rt07/TSUnMMnsWEammvKyqMjZT7mIU=
x-amz-replication-status: COMPLETED
x-amz-request-id: NAYQ7SJKHQHFDE93
x-amz-version-id: Qk4nobcRRphLiqVWi0NeSs0dand8kap0
x-cache: HIT
x-cache-hits: 378
x-served-by: cache-fra-eddf8230108-FRA
x-timer: S1693348722.995665,VS0,VE0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame BAAB 254 B
629 B 9ms
6ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 29 Aug 2023 22:38:41 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 684
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1693348722.967124,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 54
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 130

GET /
cds.taboola.com/ Frame BAAB 0
0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 718F 3 KB
2 KB 7ms
6ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230829-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Tue, 29 Aug 2023 22:38:42 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 3163
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230067-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1693348722.315533,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 1
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 6444

GET
H2 200 / Show response
pips.taboola.com/ Frame 718F 64 B
122 B 6ms
6ms XHR
text/plain 2a04:4e42::300

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::300 -, , ASN (),
Reverse DNS
Software: Varnish /
Resource Hash: 5b0143573d10639a93b9448b1ebfe1379a49e885accd47b37b3cdd14db2e468b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230056-FRA
date: Tue, 29 Aug 2023 22:38:42 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://pb.lihkg.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame 718F 0
82 B 371ms
90ms XHR
text/plain 141.226.224.32

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef&uad=c6670ba74f4332547bf31bf9937a31573a81a16e7f1ccc10b8d7c86ff5ce6e2f&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 29 Aug 2023 22:38:42 GMT
cache-control: no-store
server: nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gocm.c.appier.net
URL: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Domain: gocm.c.appier.net
URL: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Domain: gocm.c.appier.net
URL: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Domain: gocm.c.appier.net
URL: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=K6wExK0eDRGYtgyUanPuZA

Domain: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/v1/prebid/bid

Domain: cds.taboola.com
URL: https://cds.taboola.com/?uid=dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef&uad=c6670ba74f4332547bf31bf9937a31573a81a16e7f1ccc10b8d7c86ff5ce6e2f&mbl=ZmFsc2U=

Verdicts & Comments Add Verdict or Comment

68 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lihkg.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 2q3bdkr4d15t037oceudqk6uak
.lihkg.com/	1969-12-31 23:59:59	Name: __cfruid Value: 41934b66c0b93db237ff0f664fa33faf35e1fd99-1693348712
lihkg.com/	1970-01-20 15:05:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
adv.lihkg.com/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CDE%7CEU%7C1%7CFrankfurt+am+Main%7C60326%7C50.1049%7C8.6295%7C100%7CEurope%2FBerlin%7C%7CHE%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.lihkg.com/	1970-01-20 14:22:30	Name: __cf_bm Value: Uu7s.s3seMQPed50DRbP96xKjlJQGoxRcxkv8R6ttkU-1693348712-0-Aaufdx7Wl/hl+jMco3lm/P5y4rAbheA0Jv8nKdyUpfGMfYBBVoMSC/0NgsNOtkUrljxDt+SMWuSZh1kI0oe+ZWs=
.lihkg.com/	1969-12-31 23:59:59	Name: _cfuvid Value: r5ZasXyD8Km1KTKOtiQhtT8n8xwcqGtrJPDNRlGUNnQ-1693348712539-0-604800000
.lihkg.com/	1970-01-20 23:08:04	Name: cf_clearance Value: rtrd1odiBwP11IQS1yAmeAYod7nsRnSCGzpVMhgserg-1693348712-0-1-618b7bda.7d697fba.adfd96a5-0.2.1693348712
.lihkg.com/	1970-01-20 23:58:28	Name: _ga Value: GA1.1.544351479.1693348713
.lihkg.com/	1970-01-20 23:58:28	Name: _ga_PPY9Z37CCJ Value: GS1.1.1693348713.1.0.1693348713.60.0.0
.lihkg.com/	1970-01-20 23:58:28	Name: _ga_L8WS4GS6YR Value: GS1.1.1693348713.1.0.1693348713.0.0.0
.criteo.com/	1970-01-20 23:44:04	Name: uid Value: cef379b8-1e8d-4826-b7ef-88c2d1f5838a
pb.lihkg.com/	1970-01-20 15:05:40	Name: _pbjs_userid_consent_data Value: 3524755945110770
.lihkg.com/	1970-01-20 23:44:04	Name: cto_bundle Value: rVFw_l9pcklqQVYlMkIwYWVtMzJmJTJGN3dRaFkzd1dRTXB3VDI3Q3VCaFdoeGtlZUQzbFA1RVJTZW45UmFzU0hmS3J6OHBVUmxDRW5YZFl1SHBiTkt1T3VQWTJwQUN0TWtiJTJGaUFnWTd6bVJyUkdMODhuU3AlMkJtOXBnNDVna1glMkYlMkYzN1ZvQzJHNHZFSlN1a2lkcHBaamdMZWpkaG56UnclM0QlM0Q
.lihkg.com/	1970-01-20 23:44:04	Name: __gads Value: ID=e123d43f24286d94-22b145375fde0095:T=1693348713:RT=1693348713:S=ALNI_MYqYyrh2pTRgpwB6EyzVBsX-CJRjg
.lihkg.com/	1970-01-20 23:44:04	Name: __gpi Value: UID=00000c6b6653fc71:T=1693348713:RT=1693348713:S=ALNI_MbO0EUtbWIyk8_dqEE-5bGx5Gpudg
adv.lihkg.com/	1970-01-20 23:08:04	Name: OAID Value: 62919e694e0bc387f5f0c57f686b5d6b
.c.appier.net/	1970-01-20 23:08:04	Name: _auid Value: K6wExK0eDRGYtgyUanPuZA
.lijit.com/	1970-01-20 23:08:04	Name: ljt_reader Value: HO_OpGZHCwEuDwomSOqE4Pnj
.ctnsnet.com/	1970-01-20 23:08:04	Name: gid_CAESELBsTht4AKMC4EgjmTEFTGU Value: 1
.3lift.com/	1970-01-20 16:32:04	Name: tluid Value: 2463362946608089645765
.adform.net/	1970-01-20 15:07:07	Name: C Value: 1
.1rx.io/	1970-01-20 23:08:04	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-294a25be-2f74-4765-893e-27e2436947c7-003%22%7D
.adform.net/	1970-01-20 15:48:52	Name: uid Value: 769530768005849119
.doubleclick.net/	1970-01-20 23:44:04	Name: IDE Value: AHWqTUmUBc6jtFZVCBgJMu3t99MCZmooQDnFXcUUewuBIcKwGzO_muWMQD9YaLZQrFE
.casalemedia.com/	1970-01-20 23:08:04	Name: CMID Value: ZO5za30adzWI0I6hG1ja.QAA
.casalemedia.com/	1970-01-20 16:32:04	Name: CMPS Value: 1215
.casalemedia.com/	1970-01-20 16:32:04	Name: CMPRO Value: 1215
.targeting.unrulymedia.com/	1970-01-20 23:08:04	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-294a25be-2f74-4765-893e-27e2436947c7-003%22%7D
.yahoo.com/	1970-01-20 23:08:26	Name: A3 Value: d=AQABBGtz7mQCEJCfK8LY5Qy30jpUuQgHo0AFEgEBAQHE72T4ZAAAAAAA_eMAAA&S=AQAAAqp7Ni1NUqn6yA3tM0Pu4ho
.mathtag.com/	1970-01-20 15:05:40	Name: mt_mop Value: 4:1693348716
.pubmatic.com/	1970-01-20 14:23:55	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 23:08:04	Name: KADUSERCOOKIE Value: 8E63F2C5-65D2-4884-9E22-33CBABA1F2D4
.ctnsnet.com/	1970-01-20 23:08:04	Name: gid_CAESEH4pOds-qWOQr8q1oOgL7cA Value: 1
.ctnsnet.com/	1970-01-20 23:08:04	Name: cid Value: b7bb36a68e6e4b14806637b930d8df52
.awin1.com/	1970-01-20 14:26:47	Name: awpv11354 Value: 412871\|1693348716\|cac1f990-46bc-11ee-898e-223287d3f473
.doubleclick.net/	1970-01-20 18:41:40	Name: APC Value: AfxxVi57uAjePkeXsi-B5YKj9WgJd3RBsDwuoz6cOW1vbQmXS3zYQA
www.conrad.de/	1970-01-20 14:26:47	Name: CEAffHA Value: YD
www.conrad.de/	1970-01-20 14:26:47	Name: HTLP_timestamp Value: 1693348716566
.www.conrad.de/	1970-01-20 14:22:30	Name: __cf_bm Value: f.P8WGvxefMDM5tTGg7lIAc6ot2j7n1MfZ0j8MzIM_4-1693348716-0-ARBmO/QlFNeJzmjpDXi75fMiAY/sWmmPKmkep9lxwFtgWl90OT0h25posVPnUEe83K1vCv/o80s63Ox0vujAUO8=
.awin1.com/	1970-01-20 14:25:21	Name: awpv16798 Value: 412871\|1693348716\|cad2e980-46bc-11ee-b98b-2233369fc7ee
.awin1.com/	1970-01-20 14:26:47	Name: awpv19228 Value: 412871\|1693348716\|cace55a1-46bc-11ee-b98b-2233369fc7ee
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 388274:2629118
.blau.de/	1970-01-20 14:32:33	Name: nscQ486 Value: V
.blau.de/	1970-01-20 14:32:33	Name: nscT486 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5MzM0ODcxNnZsZWExZGUyMDIzMDgzMDAwMzgzNjg4NDAyNDE3ODcxWDExMzc1MlYxMjI1MTMxMTA2TVN2aWV3b25laWQ5TTFTTWZLTXR4RXBTS0hCSDJ0N3RycnFzd1RtVHhWY2RvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTEzNzUy
.blau.de/	1970-01-20 14:32:33	Name: webShopPV Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2023083000383688402417871X113752V1225131106MSviewoneid9M1SMfKMtxEpSKHBH2t7trrqswTmTxVcdoneid__suite_Netmix_Reach13_BlackFridayPush&wfid=113752&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5MzM0ODcxNnZsZWExZGUyMDIzMDgzMDAwMzgzNjg4NDAyNDE3ODcxWDExMzc1MlYxMjI1MTMxMTA2T
.o2online.de/	1970-01-20 14:32:33	Name: nscQ485 Value: V
.o2online.de/	1970-01-20 14:32:33	Name: nscT485 Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5MzM0ODcxNnZsZWExZGUyMDIzMDgzMDAwMzgzNjg4NDAyNDE3ODc3WDEyMDIxMVYxMjI2MTMyNzAyTVN2aWV3b25laWRZWDFIcmYxNXNwQnBIVkg5SGV0UXRSUjhjQVQxVDZtSHJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTNfQmxhY2tGcmlkYXlQdXNoMTIwMjEx
.o2online.de/	1970-01-20 14:32:33	Name: webShopPV Value: ?partnerId=O2_AFF_POV_EXA_15008&mediacode=AFF_la_120211_-HTLP&utm_term=AFF_la_120211_-HTLP&utm_content=O2_AFF_POV_EXA_15008&spid=2023083000383688402417877X120211V1226132702MSviewoneidYX1Hrf15spBpHVH9HetQtRR8cAT1T6mHroneid__suite_Netmix_Reach13_BlackFridayPush&wfid=120211&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMwMDAwMDAwMDA2MTY5MzM0ODcxNnZsZWExZGUyMDIzMDgzMDAwMzgzNjg4NDAyNDE3ODc3WDEyMDIxMVYxMjI2MTMyNzAyT
.aralego.com/	1970-01-20 23:08:04	Name: gdpr Value: 1
.aralego.com/	1970-01-20 23:08:04	Name: sspid Value: 181996a0-fbd7-3ee6-ba3e-8943f99f69ec
pb.lihkg.com/	1970-01-20 23:08:04	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3Ddc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
network	error	URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kzf3n0yrhd7nw96m6wanxj2rdq4dw5m2wscbv701e5jcr01j339wcxzrtdfpyse1t0egn1esqkmsgejaqkbssnbpxnkekzff80bhpjtg75d77x1jckem516tz7tjvmtqd2gm6r1ah3x630tgn88bh4523dzx57s48y9z59271wkdpycaerkatde0g7z08fmvpxzn1kxx4wkak4gz9420x7knjx51gs0wvkh2p941zb93c4mbhf6jmxdc373er6010v0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://track.webgains.com/link.html?wglinkid=4314458&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1kb6w4dqz9eda4qd2tksc1cx5q1qt7dhvp9bzmzt6v53hkze73ppdd270p1dan263a4f0914qyg95fap64gjrxb0ad2r278cn25ende92dsqkd5g9e5ee7gb80a0rd0q26kfsvjn93epewb0st8p15re56y1pnztyr0s0rqv19ptbhnmbz9v3fbeeeg7qqqnr76245z0ssrj3g252tctpxdh0qefv2mv1vm39sn1xzqye7xrhq74eq3msj9wf0xr11x0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1gq9gbpfs27a7pf7pcxq8tf18bw1cbp230wh6hjkcq09w5g52as8zzanb7xh6vh17emwn6j85gdh9j7pzh1j21chwc0fhx3e4jzjmze006thzmd445hcpez3vn3hxqx3s19w4vw5vmkkhy7jg57m53j6r3tyss334n9jq8c357m0revv9xqzz5w1f1x6jpg9t86ca69hxxdakjt4pjgv0y45crqnx94r9zjxy9s2t10bdjjyhtr96dnxfc5zwjcys1z396wkt9h2f4f9kffg%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCuT1ra3PuZPWpCNWI-cAP2vCToAeQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3gFP0DQmdCM2ZUlm2ERh7WYrD7lgiE3OYwNXyi41h9cd3E2pMTiYysBTo3i_pv0g92bNIAF5owKZsdnoYlohKlYGNDTl6GjZRM1n3En3VutujhibdwkCz8RdEtIwIzbXwhmETNM1BoPV6TJzZ5cK4w9FhTE8Mkvj0mwn5ljgFxwCdrzWYEjyqSzag6tnxmMVhoDpueNhwhsxNbZsCfQWIT8Q183748XqpU2h5hGqrYCq2dO1AE8exKvNk7slIdEu8EeHMXiff4QeJ14uosC7wP-qXdVp8jYMSpdTTSCsZIiABq20_5ik46TPIqAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_1ESmalc1dOrVwX_rwKIqaL4aMlDw%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidg8pu8fqYSEkzdHPHbH8txC72pRUdTQTZDceoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidwDgUdfpXc7Dz3fEHRH2tXt2zDJTKTATKbC5oneid__suite_Netmix_Reach13_BlackFridayPush Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://track.webgains.com/link.html?wglinkid=3098581&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1hrj44eqe7y31sn4wb6q5qgn3rd72kq7wv9qzxab7zj4kz9jr3z4d6gare3pjxvndwfaz5tvbmend9cx27gva2pt50zjqj65r1sx5122be0vzpw5bgebf6nh6tjr52vw1g5k0bbh96mta4f66fg3gfa559r3q15b69enmdrgdnwxr0964qfddrrtvzegb08ypbyvh8ntvs55hf9a41v0bjsazc8qgst0vexezkg8s6erab4teb56q9yqzd7p0szg0aetj%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1kacxyv5nsc00e1ndha0tfn4rknpqpv5nkg3nahqnvp0pmwdvs3f20qmza3sj4ge161m27ac7a64rfp56hvwyqs3wx3mhyass9pdts5wx7v80m970mzj1kdhddj5j51apqvk7s7bks9f2hbfxag6t9ht8f8n5mqbv02gm3v35xa46qyjn2dhres76bbj39dn71gya6bm0rg66hnh8c5cmn42d3z7e7v3dzhmmyts3kdzx7n5fngvr3za4nxb0eb1dc52kxa76vhnafa23bj0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCX0bza3PuZITiBd_C7_UPiLW40AOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0BhiQUyYHXsMU1j-WWRdHkIrizi_jAgXIJP6xwQ6TQqEd8FX0lbkNoJoqX1lIupWcTnl8aC4T29zqRNpltJzLKXUahpYkk3jRLwdFjjNlYpfYkpyaKUcWo_oUsI8i0Fu5ZNoqtZVZfbpMIqhDAW_UK_Kj8L8-mdchn3eO1B63QKXF89T4qH0hvKHsYHONlCNQkCwxQd6azTjFEjHJ0c8M1EtLWJLGuRLcDyrCPmuR9HOF68EcoOFW0vFkCqm62LVEIxaFvSzXbEZb0idnacdhAIPWsQTyLHvkoKYXpekgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_1ZnbQiymMXsTJwgcJAxwP0EgBLiQ%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidApEhYf9mu2MwBHAHRH4tMCepgGF7T4T1Ec9oneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidEbGSDfqQSEergfzHAHjt4tqG2bcqTVT1dc7oneid__suite_Netmix_Reach13_BlackFridayPush Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://track.webgains.com/link.html?wglinkid=2370525&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1htm847ybjgmkdz8vgx9pqvg8zgyed29kehb6p5n95f03vt21k17ed6v5q9fxj0r9kr5yw5h00yabwqx2rhnsnp710ef5wc9vzcgp3qhtk1e194zqq55fkgpkqd72srr7b250q74f4rbhgxahx35aff17bahbxa1jn9gjej3qyscn0fk6r866a2rccp367cexj5xvd2dh3a5x29semz05qz413p1nne90taqrb7w152r0bfy1rab58qnvf2z2dz6w4%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1hfjb1da8xmmdst5tm9qgxccyraggqhq0afn17ex4zk26w8ab1y243q2m327ar1dr9fxvjmc9mvbe0z8cnpywyv3zf57zggt9ff59yj9dash4wgwd9dtwpbcsf94aqkgthj0k2nthge7x5ytax8pe36nr1f4c61ac4wqnba8gfbqctn0c712f71dcsjpcpx9s57b9qxzqkass2chexzmt4bj3f104kg0skbbt55ddvcja9avrt0a1my59k2hne34hcrt308pkpvq5tve1ya0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCLDzea3PuZI7gCp-YxdwP2-an0AaQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0xOTgzMDQyNjc0OTc5NDYyyAEJqQJDMNQMKTqyPqgDAcgDAqoE3wFP0IR8I2Q-Z8MyTwW55mx7cPUmWcnlZZPirvQUMDTD3tPGUz6_GA1nlmVZiNndbVLlnRurvlzGnDLyNGIHkGwrOEUVzcHVF0fQqQAa6AztGkVKAk4t3PLsQ30ymfpjc-Uiz_zDVEHsqgQ4zeNRbEQIFK4JdOqdFwCB9E_A-Khkbx8VThM6iXK61u4vJpwIwBL0HIB51Y3L3X9C27qsTOvmBOd3BjjESPLZBhI8CgF6xvNNh30tMF2EhfMNz8MCEGlv06JlA3ae079r5ROupdYFDPNxdyaVCmt8txf-WVRQgAattP-YpOOkzyKgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%252526num%25253D1%252526sig%25253DAOD64_3F8qu1S6wIX00PXxQ27p5QNX3tTg%252526client%25253Dca-pub-1983042674979462%252526adurl%25253D&clickref=oneidxDwUQfgPSE3rjCPHdHztDCREmaJT6T8ZsAoneid__suite_Netmix_Reach13_BlackFridayPush&viewref=oneidj83uEfZeSqPQAFYHEH2t6tRe4aKTzTxJc9oneid__suite_Netmix_Reach13_BlackFridayPush Message: Failed to load resource: the server responded with a status of 429 ()
network	error	URL: https://cds.taboola.com/?uid=dc6418d1-ff1a-4e90-99df-3f556d0fb1dd-tuctbe7f8ef&uad=c6670ba74f4332547bf31bf9937a31573a81a16e7f1ccc10b8d7c86ff5ce6e2f&mbl=ZmFsc2U= Message: Failed to load resource: net::ERR_HTTP2_SERVER_REFUSED_STREAM

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad.sitemaji.com
ad2.apx.appier.net
ad4m.at
ads.yap.yahoo.com
adv.lihkg.com
am-trc-events.taboola.com
analytics.webgains.io
ap.lijit.com
api.webgains.io
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.jsdelivr.net
cdn.lihkg.com
cdn.taboola.com
cdn.track.production.webgains.team
cds.taboola.com
cm.g.doubleclick.net
cpm.bidmyqps.xyz
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
eb2.3lift.com
fonts.googleapis.com
gcm.ctnsnet.com
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hb.aralego.com
image6.pubmatic.com
images.taboola.com
lihkg.com
match.360yield.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.blau.de
partner.googleadservices.com
partner.o2online.de
pb.lihkg.com
pips.taboola.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.ad.smaato.net
prod-rtb.ad4mat.net
region1.analytics.google.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s.yimg.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.1rx.io
sync.aralego.com
sync.mathtag.com
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
track.webgains.com
trc.taboola.com
tsdtocl.com
ups.analytics.yahoo.com
videos.taboola.com
www.awin1.com
www.conrad.de
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.telefonica-partner.de
x.bidswitch.net
ad2.apx.appier.net
cds.taboola.com
gocm.c.appier.net
104.64.118.247
108.128.215.42
13.248.245.213
141.226.224.32
141.226.228.48
142.250.186.70
142.250.186.98
151.101.129.44
151.101.65.44
162.210.196.208
167.233.13.224
172.64.148.101
178.250.7.11
178.250.7.13
18.66.147.120
185.29.132.241
185.64.190.78
185.86.139.94
192.96.203.13
2.16.97.41
2001:4860:4802:32::36
216.52.2.91
2600:1901:0:76b9::
2600:9000:211e:3800:1b:5138:8a40:93a1
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6810:3965
2606:4700::6810:5914
2606:4700::6810:c0cb
2606:4700::6811:d5c1
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:811::2008
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:831::2002
2a00:1450:400c:c07::9c
2a00:1450:400f:804::2003
2a02:2638:3::3
2a02:2638:3::c
2a02:fa8:8806:13::1400
2a04:4e42::300
2a05:d018:d29:3602:5341:747:cc9:c512
3.10.47.90
3.75.62.37
35.179.59.129
35.186.193.173
35.186.215.140
35.227.252.103
37.157.2.234
46.228.174.117
51.89.9.253
52.50.63.74
52.57.100.136
69.173.144.165
77.245.57.72
84.200.5.215
87.248.100.137
99.86.4.94
019490d9fcabbdcba7d3ffa9bf83e2769915d0a516b617558172297b9fc437f6
028565858aca93c3b487996eb5af450fa2671990023c0a38f485a16513d26013
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
08db44d1b93268a2f3b72a2af31bcf207d87714f0f766792c49ed4ccdd2a0e80
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
0ae6d5e96fc82e373137e8cd555d4c272430f6752b033f5a7e797c11cfe3881e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd8ed767fc6b46b1261f9394cca7c3fcae1b16f8cf21e4fdc9a5d5ca86ee8e3
0da4a3b0915734a131522ad9f339e97820928784dcec1e647f158d016d1714b4
0fc31ae56768311960d7d5f2d67d853598c06f1982017f1091a01a5e099840ca
107500f3386888e9450215c938aeee00d53bc3296d79960cd11c963d9c536fbe
12d9750b602556f48a93c29b9426af52636fe30cada207db200ae52339ddfb28
145f7a61eb0eac3f11c0923b932ad778e7fda85505d341bfb9140c080e791674
14b4caf239342334bf7b8280605e60f67c33c589762047b8bd67c0552fdb80a6
15140244740d8e22709b7dbe59a3b01c1b5fb96b8b52d18374faeb3c5d7c92f0
15cc42ec2a3a08dc0566d2f71a13e462fa764a4390c7d96870b71fd2cf6ff513
17c4a472fcd08fb337fb6a574f60891ce91af06251dbf5d0137d2414316c11b1
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1d533fa3a32a5a67dc45519a85bc430007e3c68bde21d01c5e67c2c8b3d4d2cf
1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6
229e5a0cf38692aadb68fe1ab6ea1e26a0a3b26fbb4e731f33ad807a50ef1227
234b2aaf46d739732c3a5ac9f9c3dceff6580cf2e083fd2f3da9336e1f4ea028
26d998f38eaf43c5df862c319ce7a21a81fccab9f0bc2922f748cff9ecbee9d2
2a461002f77d83338ab9aafd8bfd8cb6275f8f6af2ea6a4f8c040d2aad2130f9
2ab05fd9f1991b8e36d079cb9cf92ee9bc1293ce4aca3c20b0da064bda729c19
2ba3ad2978cfbe37713407a5ec2670fe381f17106a313cbb1d00b9632f9db59e
2cfad31e954fbffb335d93c5ec79e1ed99cc805e6b17727be6312445a653d04a
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ed2a584ee1368ea53d5ad19adcf8bd9aa9d260d1489a41f9ddcac11db82a4bb
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3040f08e08f34fe75c925eb3b2f85fb62b27d374deba100b3ec4eb8ae8b92a3d
3101f75821bd640ea6a402a7fc91ce796a14c3301dae27977ef7e498493d2478
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d2f53435546ca87cf708c1fc720332bd198252986678d8c1c5cd6077e9df6c
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32eae5ac37a6fa422532679db09a5ba09e1fb0559d191208ff1babbc1be1fe7a
359bfb2022da71c6c1768306f0a10086680344c0d15bd563cd13e112e7e881f3
36399503dcdbdb234112a7da5fd5e7c7505a0eac217836e01fa91224f77f1f8a
363d0f434386e451eeda529f507afc653925d1e39143c76b68af0aa6a338ce3c
37300dadca033aeefdaf45704f904544037e79fb0ebe0d4e5b9fe02c16fae234
38f00d6938a8f2a9b7e0d6d8005a5b6be5cb0b1c5c51822119118d95ccd73879
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
3aaebb44fa7aff9f07c039c9678ca52b7a5277c15af947834950663fa31b5da5
3c30f0f816ada3a1410045d740a98e4d2faf07fc74ffc0430678b21abbd05138
3c3e4c95c37e68d5d3dfdb24b429218752f19e46fc7bb97a345bbceb4971a11d
3d4f0f7bb1f66ca7fb98c64114528a54eded29040c5f08cd9ebfd0540a0e72fc
3e01af62b9dc3c41009730d55f56c30722924655dff7ff7b5d6704c62ec417dc
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
40df2b78182e4ea8c29b45c73a0e7bef10dc5ab61798ce22238d039d2bd81b92
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
43c969dd91796954ee5b0d995fddf5dc9b008844db541a4103c1d95b28ef2f74
483c10547e425f2938264825ed7b2a007fee84094dd9df349bd1a39becd4eb00
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
490f98c1546f8b02490bd5705e5b6e328698766b64fa67d2999b79171119b02d
4911d1cc42e734d7ff839ebecc749804c1fb675f2bd496074c87c32429e17b3e
49410c74fab6de2717d7f1318a0f1c6e388d528b08bbdfaaf30917b93e38e5b0
4a8c55e2a65ab16a22b95904c1e8853cc86c6794f55bb398b58b0cdb42f7d7e8
4b1a46106fd1a1ddf039f102e746861c90f6da3b4065aa901362503654335467
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fb66cda8a7f6b544f761bba57abfdadd810eece869cc49f5c4fdb97eda7271c
508ecc51e1ebdc0798b41ab754e78fcfb51c0f573fd1a72195fee5020785841b
53c31afb6037395b532b8ba67c8d63d467893e5d4d57521ea21d5899e7f9faeb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
585ea68c86cccd4420ed9f71aa876c153f4ef8cb8bd42dd9629b867ccc290695
5ac6e96b3f3196fc83048e084cf465b4feaa72d55fd8d66df91abdce75a64105
5b0143573d10639a93b9448b1ebfe1379a49e885accd47b37b3cdd14db2e468b
5b1f6750b46c0fd1393db6e6f571ef836a29fd11b2d6e9c32e65b784e3b06ea5
5b452aa9b2bd42bbf203cb979b7bee28d229bade135412663f01c1b673b9c6d1
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5efba36f91a59dcc9918f2cf796410873bb4013b539b8b98e51210e621f2964c
613d6d344a52373768d6919e8e0478c25d59d9b61075d005cc80c7cc41c6b455
61bc3a9b2e94aceaa784247231cf757d22fc27da6b413eb9f21f03311c4a7a21
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
635925b575f30146336036d3916c2f6f099258d421963732a49e394184cf5381
64d691fbc4a15bf9eee152d458c1d4b3be611a57727dfde3194fa5443cc5e2dd
65ded88113cbcb48c6bb2d842e5ff567e268950c28d1febd84250861259f05a8
6812a4b6f30e6c3cb730dd4cfe01d6c67f680b6c3fb5b294ed89db790e83e759
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b22bd988460b49f00b4eaf0cd7671c7e3bf23ce1e3d015e5163fdc8de80073d
6d2cf79989a25b94d2694569e8a8372c34b3cfac8caf3f7c2ae6d97f7e9d02ae
7070cc69aecbe66c96c6c26692c7a952e77202f0e1016c04b8e7523fe01644f3
70c5e7e43dad82d88eb37e5a682b9c71b689b7efb05f9e58e9cebd4e5e4ba94b
723ca45bc19fb07fbebe56f38e0f52626fca12b1f701ba1eefa33bf41b23efca
750ef554ccd3ec1442639c002f8b5d7e0ff3037f1177ec5774d1120a60b1d6fc
76967d830f6aef06f336d8b7323d7d8a07e08b56080a1b3c8b9ada0b5e7ead26
7cf274200b414178ec3bc7a872a478e20bb3c890df8420f617c777df1c9e1ab5
80049bc10543e0e2fe1fc1b66570855de11c11da2023d5a914c57330d0188ff1
846ab283855ddafc646f26a469d6c6c1b5a1f59f5d90ca195001e6a9ba943a43
8543eee7ce49564643fa813ae7f87accf93f9a845c8c14aa0eb75c93ec0174bb
885bd0b0ae7034a353e2f41a8187ee50fb4a389885530b500e6ac7ba79a3bcfd
89dfeda2c2d29d75b9199adce9c0b1f960a0d0baefaf6b398363f56110d1e814
8af31ee98d04f1808aa03e29c89b1b9e12c99a2f1860c58d1b55e27206047c3f
8f03b94344821d98d8d849415345f53de7c9eb39fe0e5b4862eb1067332d7d79
9238b43cdc071efcc3f09db1454c889c86904ce11fb8761dc09e8169b2c2ef48
94e2294df57e775b3da8a4dfeaf427c81efa2a05f808229fcdd4f12646d8a2c7
94f54661c81da124054968cf2555b727cd2f6df9db1fed49aa8314df0e6b1362
9565c2b62e4360360bbcdb71948add07b16345599cfd7d7b6b2f352a97ff81be
9586082d2429022157beddd5f9de6a3c714ce987ad520ae63a8836125e311b61
962fc717f6b467dd04e28f51faf37b6c927283f1d04c0a211230c42033adb714
975c355858c5c4d64a42bf2c3fba8a8ce0b73c6dab15a7a6b533114105aae998
97fb2299b75200fb946cb3995dbce86e17bf10e9e0f766d3c85515b553c0d425
981088256f014e7875ee262982ad1eb7f0c802533d95c307a1b30008b60dc5d7
99442ffdcbca472f9dd7c91b57bd872e32eea3c50761a8370c02d9ab4102387e
99e35cbed2b286df1349bb0ffe71fa354c8a7a3c97f97f341ab4581a428c19bc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bbeb17cdfb305edaf4ff7dce9dd9b6957bbdca3ed8f42272d876c5dfebc913b
9ce9c23100cc0681764ebe98b2e39ca86dcf292de1d7615037d34ba84d0d270b
9dfe1f819bb2abd9663550cec9005dc0ed81151f85f2efa7a8a9b1b33aa64f40
a2071a6dd4e4dc556c647ef2614dca9d7bb5c5aa37cf13e5c23bfb0dc468e849
a35a904ed0404b45c2d6d12069d7b567c88ca3287531385af5872c629f67b467
a40bc7c42a924ebfb7c0bc286872aca8d62d090c27977c8f216306a521369828
a58d5e5e3303d8769288e632f884dd5240fff7d0c93e9f4a6dc952dc73ab8712
a623b36160eec683995e0ba001f6fea1e614d561ce98cc7a9ef27ce747b3ebd3
a6cfeb3b267b8d15890ad258fe4204e6c250d2469f55f1c98af30d52a5bb143b
a9fe05682e0c0cc50e80b740cc4b65e85d51176d2d422cdc3062228b820f3030
abbebeb42b4b1bf0628e815118ea3a73c6d538c4ec781b98dffc75665489b488
ad5513f114fa6f9a574cc64554a2a333f22fdc2067ac18832361974809345b5f
af880809ebc3490a493fdf0fe3bd2fe3372f37480bfb48cdbbfe0d040dbf605d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b79061721d5bff6017244edfae8d759856428814d3e0a5c96ddf81c62fc1a778
ba0f85e1ea446943ab6a8d652e5c00228cd06402263dc6e10687a61d57b7533c
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb4d609b5c3a5aec790f8937ce65e69f35303ddbe39cf3588af7bed8ed2a437e
bdbe17f58d2111986091a711b33375f9b92b8ca1411a56d9a81617da4f74c764
bf34fcb41e470195d5c2f43fbe6f2ee5be108dc6cf3ceab9924b0fe6c6d3d475
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c25d5a361bff658ecdce364861744ffa447830da7d5fed134b43158fe456b04f
c6d0dad8519f74a265dcc20c75b83a198bcf7cbdd383a12a7c935483a3d97983
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cdd553ca03bf2b7460d539109d35522f2bdf86b84ab1f91d29ba79791f83e878
cea7ae02e7840360a93a404591b9bc1e443000c0ac24f125382ef9ef74e9b7d4
cf21e8408ed4dac6172cc3050b496ca227f133e7c75e38beccaafe52160bf224
d18956c21464cd32c3ce93f61bbb47b3e24d58ca2680702c7c84a37cdbacc54e
d2deaeb14a239457f7147b9b222c8bd89615e7de9b4c61558214ee8b4bb1fa50
d2ebf6b894adb91b35cd1135329e9390d36768d4430b538a2df087a4f5bc31b7
d531ee353b2e628d0735cacda425a3000ab2da5481ea441980a576896e6bd427
d8b009a457899d38051b66550fef78790dc412c6ee13553f4f00f49a03eb8bbb
d9365df793afdf41433275bf106dc6ff8b656cf507455fc2d3b8428c83f6fa8e
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dcdf6025d6bcac09db1f1eadd9e358c76436bb294df0b7d7f1263c865af74ffe
dda217d7f8a0cfb768ad013a4d67aef679efc905a8cd70f624d5a6a113355c29
ddd76cd708e1ed8dd6092703d72990e1494a8b1f3ee09bf29b99a288b5dbe844
deb23b71b7aebe4ff504f8df4215ba417469dc6b8cf40f8755f1ad9657f5d43e
e17075cf2f747253cb3c737891be0f417b8f4330ddab9d53013bdd4ebca568ee
e1f1298767e4be7239cf28bb31eaada9d1750fbf45f29b2294fcfd4add302bdd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ab36501f4ae276141d10ba8b8b63c3f42f426f8ee3c9f3247ea4e3a2ac67d6
e4b8cd0d6d8c57ef39e1bb5cff8557261b3b2f640656680a72e421471032d841
e64391beb64b40e6e8dd6e808711202e4b4d425a1f1e32ae5f95bb2c5802e2f7
e883a277132916576be85df21d216a2689dbc586d66ab57c479fcc0e155612ba
e992acf8af7de27497c44cca7f3758d64d10946bebd1b17319287c0d8f83b29c
eb571b8f4828305b030d4da6f20f71a09e3654ef7e87179e2b5345a847f737a2
ebda714b0960b486684f8e18052d2eb1a7afb14dd5d1d87ebf705c1c4af06eb2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0c9d7ae47a3839ab6438558fed00c5cd5911eecbde1816bffce20151a045673
f4919e111d5453492f753dbfc05ae3d54ac325eb91cb917b923ad475f781b276
f59796638c7e20f2670b48291fa640999399d26df98e745266819d09a2d3382a
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f8c80e2a3d4e5844fa8db23543a469b72dc3a0c279ffce2b7d2a762536793cd5
f8ceec7a5e4e717902b65087aadda13d0aeaa99a91f5676fb788870d782023b0
fa73429ad9c13bcb586a8eeee0f5c74c47038842e110f9e956bd6dc330345712
fdb2305afd6b4ca92f8b8b65479237a388d5ae327a706f7dd749566cd19df7ff
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

lihkg.com Open in urlscan Pro 2606:4700::6811:d5c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

435 Requests

91 %HTTPS

43 %IPv6

52 Domains

79 Subdomains

51 IPs

11 Countries

8831 kBTransfer

21164 kBSize

51 Cookies

8 Outgoing links

Redirected requests

435 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lihkg.com Open in urlscan Pro
2606:4700::6811:d5c1 Public Scan

Screenshot
Live screenshot

Full Image

435
Requests

91 %
HTTPS

43 %
IPv6

52
Domains

79
Subdomains

51
IPs

11
Countries

8831 kB
Transfer

21164 kB
Size

51
Cookies

435 HTTP transactions
6 data transactions