lihkg.com Open in urlscan Pro
2606:4700::6811:d6c1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://lihkg.com/thread/3257982/page/1?ref=web&post=1
Submission: On July 29 via api (July 29th 2023, 7:05:23 am UTC) from HK — Scanned from DE

Summary HTTP 135 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 34 IPs in 6 countries across 31 domains to perform 135 HTTP transactions. The main IP is 2606:4700::6811:d6c1, located in United States and belongs to CLOUDFLARENET, US. The main domain is lihkg.com. The Cisco Umbrella rank of the primary domain is 97953.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 14th 2023. Valid for: a year.

This is the only time lihkg.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 39	2606:4700::68... 2606:4700::6811:d6c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	77.245.57.72 77.245.57.72	36057 (WEBAIR-IN...) (WEBAIR-INTERNET-MTL)
2	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	54.216.69.247 54.216.69.247	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
3	87.248.100.136 87.248.100.136	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
2	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
5	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	() ()
3 4	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
3 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	138.201.63.145 138.201.63.145	24940 (HETZNER-AS) (HETZNER-AS)
1 2	159.69.70.9 159.69.70.9	() ()
1	2a0b:4d07:102::1 2a0b:4d07:102::1	() ()
1	3.9.91.156 3.9.91.156	() ()
1	92.123.148.9 92.123.148.9	() ()
135	34

39 2606:4700::6811:d6c1 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

lihkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.lihkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adv.lihkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pb.lihkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)

cpm.bidmyqps.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.210.196.208 (Ashburn, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.216.69.247 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-69-247.eu-west-1.compute.amazonaws.com

prebid.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.248.100.136 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o1.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (None, )

ASN- ()

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.63.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.145.63.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.70.9 (None, ) 1 redirects

ASN- ()

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (None, )

ASN- ()

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.9.91.156 (None, )

ASN- ()

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.123.148.9 (None, )

ASN- ()

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	lihkg.com 1 redirects lihkg.com — Cisco Umbrella Rank: 97953 cdn.lihkg.com — Cisco Umbrella Rank: 117027 adv.lihkg.com — Cisco Umbrella Rank: 135304 pb.lihkg.com — Cisco Umbrella Rank: 130973	1 MB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 130 tpc.googlesyndication.com — Cisco Umbrella Rank: 155	546 KB
13	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 204 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 239	181 KB
6	yahoo.com ads.yap.yahoo.com — Cisco Umbrella Rank: 13862 geo.yahoo.com — Cisco Umbrella Rank: 1344	2 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 624	4 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 861	421 KB
4	smaato.net prebid.ad.smaato.net — Cisco Umbrella Rank: 6094	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	193 KB
3	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 43992 hal900017.redintelligence.net	9 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 245	2 KB
3	google.com www.google.com — Cisco Umbrella Rank: 3	2 KB
3	yimg.com s.yimg.com — Cisco Umbrella Rank: 561	89 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 417 mug.criteo.com — Cisco Umbrella Rank: 2490	7 KB
2	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 96246	13 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1196	701 B
2	aralego.com hb.aralego.com — Cisco Umbrella Rank: 26832	345 B
2	bidmyqps.xyz cpm.bidmyqps.xyz — Cisco Umbrella Rank: 69992	515 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 1914	304 B
1	awin1.com www.awin1.com	702 B
1	webgains.com track.webgains.com	2 KB
1	office-partner.de adv.office-partner.de	931 B
1	googletagservices.com www.googletagservices.com	57 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 599	13 KB
1	youtube.com img.youtube.com — Cisco Umbrella Rank: 3574	36 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 79	917 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 372	2 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1186	7 KB
0	webgains.team Failed cdn.track.production.webgains.team Failed
0	webgains.io Failed analytics.webgains.io Failed
0	medialead.de Failed pv.medialead.de Failed
0	appier.net Failed gocm.c.appier.net Failed
135	31

	Domain	Requested by
22	cdn.lihkg.com	lihkg.com cdn.lihkg.com
20	pagead2.googlesyndication.com	lihkg.com cdn.lihkg.com pagead2.googlesyndication.com tpc.googlesyndication.com pb.lihkg.com googleads.g.doubleclick.net
10	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
8	lihkg.com	1 redirects cdn.lihkg.com static.cloudflareinsights.com lihkg.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	pb.lihkg.com	cdn.lihkg.com pb.lihkg.com pagead2.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.taboola.com	ad.sitemaji.com cdn.taboola.com pb.lihkg.com
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	prebid.ad.smaato.net	cdn.lihkg.com pb.lihkg.com
4	www.googletagmanager.com	lihkg.com www.googletagmanager.com adv.office-partner.de
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
3	geo.yahoo.com	pb.lihkg.com s.yimg.com
3	ads.yap.yahoo.com	s.yimg.com
3	s.yimg.com	pb.lihkg.com ad.sitemaji.com
3	adv.lihkg.com	lihkg.com adv.lihkg.com
2	hal900017.redintelligence.net	1 redirects googleads.g.doubleclick.net
2	ad.sitemaji.com	pb.lihkg.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	gum.criteo.com	1 redirects static.criteo.net
2	hb.aralego.com	cdn.lihkg.com pb.lihkg.com
2	cpm.bidmyqps.xyz	cdn.lihkg.com pb.lihkg.com
2	region1.google-analytics.com	www.googletagmanager.com
2	securepubads.g.doubleclick.net	lihkg.com securepubads.g.doubleclick.net
1	www.awin1.com	hal900017.redintelligence.net
1	track.webgains.com	lihkg.com
1	adv.office-partner.de	hal900017.redintelligence.net
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	mug.criteo.com
1	static.criteo.net	securepubads.g.doubleclick.net
1	img.youtube.com
1	fonts.googleapis.com	cdn.lihkg.com
1	cdn.jsdelivr.net	cdn.lihkg.com
1	static.cloudflareinsights.com	lihkg.com
0	cdn.track.production.webgains.team Failed	googleads.g.doubleclick.net
0	analytics.webgains.io Failed	track.webgains.com
0	pv.medialead.de Failed	hal900017.redintelligence.net
0	gocm.c.appier.net Failed
135	40

This site contains links to these domains. Also see Links.

Domain
youtu.be
www.instagram.com
lih.kg
na.cx
itunes.apple.com
market.android.com
fb.me
instagr.am
twitter.com
help.lihkg.com

Subject Issuer	Validity	Valid
lihkg.com Cloudflare Inc ECC CA-3	`2023-05-14` - `2024-05-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-10` - `2024-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
bidmyqps.xyz R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
smaato.net Sectigo ECC Domain Validation Secure Server CA	`2022-09-19` - `2023-09-19`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-27` - `2023-08-27`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-03` - `2023-08-23`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-10` - `2023-10-02`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
redintelligence.net R3	`2023-06-09` - `2023-09-07`	3 months	crt.sh
adv.office-partner.de R3	`2023-06-30` - `2023-09-28`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-10` - `2024-03-09`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://lihkg.com/thread/3257982/page/1?ref=web&post=1
Frame ID: CE71F68F6D2017440942972EA18A8059
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html
Frame ID: FB42A47A18C9A0BDDD1F7BBD434F12B5
Requests: 1 HTTP requests in this frame

Frame: https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
Frame ID: ECDAA3AF5C0C1C017D21F65902413BF9
Requests: 2 HTTP requests in this frame

Frame: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=5
Frame ID: D43021C35E76AAE27C92CD3E1B0D0371
Requests: 13 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=lihkg.com
Frame ID: FBC813CB04887EE64CC6866486E02E4E
Requests: 2 HTTP requests in this frame

Frame: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Frame ID: E0FD7A68AA71CEFBD3BACF503EB6DE6D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3240616428100660&output=html&h=250&slotname=9808563034&adk=532204820&adf=681505122&pi=t.ma~as.9808563034&w=320&lmt=1690614319&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1&region=16906143193221800&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614319379&bpp=1&bdt=1530&idt=216&shv=r20230726&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&correlator=7414122691268&frm=20&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614320&ga_hid=1344543899&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076088%2C31076482%2C31076543%2C44788442%2C44797784&oid=2&pvsid=1218557576067882&tmod=846911435&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=SoYq2pIZW1&p=https%3A//lihkg.com&dtd=220
Frame ID: 725114102ECE2EA6D55CC350DEF8EA81
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&adk=1812271804&adf=3025194257&lmt=1690614319&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x945_r&format=0x0&url=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1&ea=0&region=16906143193214434&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614319391&bpp=1&bdt=1543&idt=235&shv=r20230726&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&nras=1&correlator=7414122691268&frm=20&pv=1&ga_vid=1416592483.1690614319&ga_sid=1690614320&ga_hid=1344543899&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076088%2C31076482%2C31076543%2C44788442%2C44797784&oid=2&pvsid=1218557576067882&tmod=846911435&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=255
Frame ID: 6817847759C4BEFD37B06CDFBA4DCF4E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7C906C32AFE22C6713442FE895C4B575
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2B10DEAFF43E2F914D3BC3A3F257199
Requests: 2 HTTP requests in this frame

Frame: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Frame ID: 22B5C7870BA52F009B59D317507238E4
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1690614320639&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614320840&bpp=3&bdt=1422&idt=244&shv=r20230726&mjsv=m202307270201&ptt=9&saldr=aa&cookie=ID%3D90006be0ff5ee646-22b82cd402e30039%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g&gpic=UID%3D00000d2a2423f995%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw&correlator=2361311590456&frm=24&ife=1&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614321&ga_hid=1393956451&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=2503316152&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31076481%2C31076576%2C44788442&oid=2&pvsid=3028226912030831&tmod=1624674545&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.gt3e0rlw9fri&fsb=1&dtd=261
Frame ID: 5A67992320C63296AF325BE1C1D3EF04
Requests: 20 HTTP requests in this frame

Frame: https://pb.lihkg.com/smj?theme=light&is_mobile=1
Frame ID: 064ADAE0CF2120543930F31780CE790E
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 993EDF936571D9E61F0CDAF7599E3169
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 631295DC0AAF36383A499498B7E9AE54
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNURvAzI0FLHu996St7X85QZFenjDsnZjv99nIKwyf6FdYD4TXaAl3XljK7H0M3Icb3SwHap1nkD0ZYGyiRIAfmtfJHSbCXRF8aJFEYVAiRInMZ9sBuf6BlCoUfthXsySsHeS1pOIgwau9mJSo6OSTmqWeEZh4wa-CUqlhpv-uo0x5pQBSo
Frame ID: C44FFE2761AAA9943DFC79FAB7397B6F
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F76234FB60963C8B7EADECE30E09D0F
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: F72C7BC4A1B030ECFBF1747C214F8FAA
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=70673400020256804444994012400017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: EE2D8DDA09B894271443C29F6FBB03E9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

英王查理斯三世發表在任首個聖誕文告，你聽咗未？ | LIHKG

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

135
Requests

90 %
HTTPS

58 %
IPv6

31
Domains

40
Subdomains

34
IPs

6
Countries

2693 kB
Transfer

9255 kB
Size

23
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://youtu.be/H7N-SmsJVe8
Title: https://youtu.be/H7N-SmsJVe8

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/CmmaSZcrteB/
Title: https://www.instagram.com/p/CmmaSZcrteB/

Search URL Search Domain Scan URL

URL: https://lih.kg/iQyCPT
Title: https://lih.kg/iQyCPT

Search URL Search Domain Scan URL

URL: https://lih.kg/xGRGMCX
Title: https://lih.kg/xGRGMCX

Search URL Search Domain Scan URL

URL: https://na.cx/i/GqqmMKk.png

Search URL Search Domain Scan URL

URL: https://lih.kg/btJtwpV
Title: https://lih.kg/btJtwpV

Search URL Search Domain Scan URL

URL: https://na.cx/i/MPLq9w7.png

Search URL Search Domain Scan URL

URL: https://lih.kg/jrDzwT
Title: https://lih.kg/jrDzwT

Search URL Search Domain Scan URL

URL: https://na.cx/i/2nS66o6.png

Search URL Search Domain Scan URL

URL: https://itunes.apple.com/hk/app/id1178373396

Search URL Search Domain Scan URL

URL: https://market.android.com/details?id=com.lihkg.app

Search URL Search Domain Scan URL

URL: https://fb.me/lihkg.forum

Search URL Search Domain Scan URL

URL: https://instagr.am/lihkg.forum

Search URL Search Domain Scan URL

URL: https://twitter.com/lihkg_forum

Search URL Search Domain Scan URL

URL: https://help.lihkg.com/tnc
Title: 使用條款及免責聲明

Search URL Search Domain Scan URL

URL: https://help.lihkg.com/privacy/policy/
Title: 私隱政策

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://lihkg.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js

Request Chain 36

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Request Chain 55

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=1413308163&pi=t.ma~as.9106605872%2F55213981_&w=320&lmt=1690614319&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1&region=16906143193214434&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614319376&bpp=3&bdt=1527&idt=195&shv=r20230726&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&correlator=7414122691268&frm=20&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614320&ga_hid=1344543899&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=627&ady=1492&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076088%2C31076482%2C31076543%2C44788442%2C44797784&oid=2&pvsid=1218557576067882&tmod=846911435&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=1gdRS8OVSH&p=https%3A//lihkg.com&dtd=209 HTTP 302
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Request Chain 58

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Request Chain 64

https://gum.criteo.com/sid/json?origin=publishertagids&domain=lihkg.com&sn=ChromeSyncframe&so=0&topUrl=lihkg.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=S-sU1HxFbEltNGZJeXBUY24zdHpPNS9CbjZrZWRNalRERUdaYnRVek1RWGZHQWNiMTdoL1J4NmhsZ2xaeXRoVTlxbWNucHZQMjZ0ZkphaTJxOW1xZU1aQVdDSGg2OGFXQzhOblJielNlNXVwTFFXWjM4dnFZNm5Hc1gyY0hJZnZoNW9USWt5Ym5GWUlIemJPa1U3Q2JhOW4rL0laeWEveTRYcit3UDloQW9va1V1TnNmSmpHeTM4Szg5dTV4OFZzS3ZWeFV5RjBtcmR6c0NUVXlXc2JnM1lMYmdiem8vbThLckVYS3drbFhuTmhyMVV2elZ1UnJzdkF3TEpmbnNIOFk3T1doZHk4MGZoV2ROd2UyZVZoanJIRlI5UT09fA&cppv=2

Request Chain 111

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1&C=1

Request Chain 112

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMS6MugFoGQXSGsLUyMowQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1

Request Chain 113

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMPNs81EXk72yVW_YZQ5nGU&google_cver=1

Request Chain 114

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2MTAxNzg2NDI4ODg2NjAyNw%3D%3D

Request Chain 123

https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a01ab4be45&subid=&uid=20a60d8606c8352d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx5PKMbrEZPLlEJKkkwPJiazQCKblvaBpvZOcp8kP8C4QASD-rZZQYJWyn4KwB8gBCakC5SMmYnF7sj6oAwHIA5sEqgT_AU_QtdLwXhFE049w7lfCBe1fKsQ9ytWjktQhE-rQlVcZ6nZBX-jOqNP5xPmyDF5eTs_MrRsLHbCvWYQKDaHaJcnnXI7hJPvEtltyZsWANcx9EQ7tswaxNzeVXCCMR7dl94FFNHs6gLGmiyDwIUtfyqUnjwVACctM-o1nfbHTYuueUOcrJIPMlChrXASyJfV_jGI2EfIWADlvTmNl9O9ME9f-jfLSZ29_cK0QadHZ19DGxuF42avib8VEtLEsStmC4xk4QPeikr6hcbslTSmgEyd4dJbCe-4YDz6R5bRziY_qB3lWnhAl_cu2T5m2spDOIEeP10CQDIwyoawckdOB3MAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWROCpX4nRjz69-J86dG4OiL-bdl2sqhFQhDEZjNhr_c_R3LX3LANR0EI23LrX5mfLmofBYSJXRxgB%26sig%3DAOD64_2weDBOYi2KpGxXBBv6FJwcVdEQWg%26client%3Dca-pub-1983042674979462%26dbm_c%3DAKAmf-CfXjMeSVWMs_Sb-Q3ITMBKc3gwN7pATlFqYSBorRd1fmfC-OkoQO_orS6ax1nrMLj5OCa6ITkY8_F4q-Abk5sgkw7R6xiFsk7jbL-bKvT_ol1g377SGLZsyKPl5Wl7K7wPC00thyQdRJrnYEdEdnasHjSMTj7_5SN1De4WStnR_Hx8xqc%26cry%3D1%26dbm_d%3DAKAmf-Anzbp2l4dHRIYYjUxc675-tfWMK_qLd-hfaVNOXBs6rhSW7YXyke5THG7avfHbo1_GHzCzxtrbdSdcWqxGeRytzUSajW4It_5t391IlOJ2OLXTuog2xqjQO3j0DPL8ooTinvJJ0B_EdMVJ6_KBBFMXV7BSXMya-8jfubiN9D3TV-EcUVp9O4OoIu7XIzK2h8Czpp9Q4n0HesRS4mX1a5FLtBatJzwQMBzGY37rw5Idm1yaOiJ56qGXphJpnKsgXLBSCka5EcaAb9sKkbcyDdv-7rDnborT2jiufZ2klZgkqtZR6mjsCKnp4Ipm-gSWT4daynuN4S_k-fVdLk8H6kuAzcowDtgIm4aHQPZaNVG1CU1vfxp1HNPR8KGnhCch2qTfxeva3d0glregpnhObUVG1IfIw3xnEBGzRvZ9d1I54V8-Swem5f0MmxNJ51wjIJUei04E8Cm9XOVWp0MY-ioG23XL-GITQzPRqu0rgv_9naEWu5vKkDVwtcaf1ouYOyInU9_f5z2ldAZfL-nRxDTqr5zp-Z4fLMJRPHaQvpbhpPk6AlU%26adurl%3D&documentReferer=https%3A%2F%2Fpb.lihkg.com%2F&ancestorOrigins=https%3A%2F%2Fpb.lihkg.com%2Chttps%3A%2F%2Flihkg.com&random=6642668692102&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a01ab4be45&subid=&uid=20a60d8606c8352d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx5PKMbrEZPLlEJKkkwPJiazQCKblvaBpvZOcp8kP8C4QASD-rZZQYJWyn4KwB8gBCakC5SMmYnF7sj6oAwHIA5sEqgT_AU_QtdLwXhFE049w7lfCBe1fKsQ9ytWjktQhE-rQlVcZ6nZBX-jOqNP5xPmyDF5eTs_MrRsLHbCvWYQKDaHaJcnnXI7hJPvEtltyZsWANcx9EQ7tswaxNzeVXCCMR7dl94FFNHs6gLGmiyDwIUtfyqUnjwVACctM-o1nfbHTYuueUOcrJIPMlChrXASyJfV_jGI2EfIWADlvTmNl9O9ME9f-jfLSZ29_cK0QadHZ19DGxuF42avib8VEtLEsStmC4xk4QPeikr6hcbslTSmgEyd4dJbCe-4YDz6R5bRziY_qB3lWnhAl_cu2T5m2spDOIEeP10CQDIwyoawckdOB3MAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWROCpX4nRjz69-J86dG4OiL-bdl2sqhFQhDEZjNhr_c_R3LX3LANR0EI23LrX5mfLmofBYSJXRxgB%26sig%3DAOD64_2weDBOYi2KpGxXBBv6FJwcVdEQWg%26client%3Dca-pub-1983042674979462%26dbm_c%3DAKAmf-CfXjMeSVWMs_Sb-Q3ITMBKc3gwN7pATlFqYSBorRd1fmfC-OkoQO_orS6ax1nrMLj5OCa6ITkY8_F4q-Abk5sgkw7R6xiFsk7jbL-bKvT_ol1g377SGLZsyKPl5Wl7K7wPC00thyQdRJrnYEdEdnasHjSMTj7_5SN1De4WStnR_Hx8xqc%26cry%3D1%26dbm_d%3DAKAmf-Anzbp2l4dHRIYYjUxc675-tfWMK_qLd-hfaVNOXBs6rhSW7YXyke5THG7avfHbo1_GHzCzxtrbdSdcWqxGeRytzUSajW4It_5t391IlOJ2OLXTuog2xqjQO3j0DPL8ooTinvJJ0B_EdMVJ6_KBBFMXV7BSXMya-8jfubiN9D3TV-EcUVp9O4OoIu7XIzK2h8Czpp9Q4n0HesRS4mX1a5FLtBatJzwQMBzGY37rw5Idm1yaOiJ56qGXphJpnKsgXLBSCka5EcaAb9sKkbcyDdv-7rDnborT2jiufZ2klZgkqtZR6mjsCKnp4Ipm-gSWT4daynuN4S_k-fVdLk8H6kuAzcowDtgIm4aHQPZaNVG1CU1vfxp1HNPR8KGnhCch2qTfxeva3d0glregpnhObUVG1IfIw3xnEBGzRvZ9d1I54V8-Swem5f0MmxNJ51wjIJUei04E8Cm9XOVWp0MY-ioG23XL-GITQzPRqu0rgv_9naEWu5vKkDVwtcaf1ouYOyInU9_f5z2ldAZfL-nRxDTqr5zp-Z4fLMJRPHaQvpbhpPk6AlU%26adurl%3D&documentReferer=https%3A%2F%2Fpb.lihkg.com%2F&ancestorOrigins=https%3A%2F%2Fpb.lihkg.com%2Chttps%3A%2F%2Flihkg.com&random=6642668692102&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

135 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 1 Show response
lihkg.com/thread/3257982/page/ 4 KB
3 KB 267ms
225ms Document
text/html 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72795186d79266a416eec36df560ccb20892d2b66f8f051ff9f3b3307b72f4bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 7ee3833c1e3418c7-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 29 Jul 2023 07:05:17 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

GET
H2 200 style.css
cdn.lihkg.com/assets/web/ 5 KB
1 KB 61ms
40ms Stylesheet
text/css 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/assets/web/style.css?ver=13032023

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80049bc10543e0e2fe1fc1b66570855de11c11da2023d5a914c57330d0188ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2231464
cf-polished: origSize=6395
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 13 Mar 2023 10:32:06 GMT
server: cloudflare
etag: W/"640efba6-18fb"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ee3833eb99718c7-FRA
expires: Sun, 28 Jul 2024 07:05:17 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 166ms
115ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9489aa651161142fcb3c34ba6bbd9afd3be3a7ed0f7d576e6747808b435d912

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27716
x-xss-protection: 0
server: cafe
etag: 552 / 19567 / m202307250102 / config-hash: 5693953215715342715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 07:05:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 166ms
116ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02a0b6400997740d58c56092b87da7db00fe4a88b9edbd0c4269b79aa3a1f8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50697
x-xss-protection: 0
server: cafe
etag: 5160686802516747715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 07:05:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 212 KB
75 KB 92ms
41ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52d464416aeccece2ae987f18fec263f17e9c8fa42c998941032e1cfd955c1e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76844
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jul 2023 07:05:17 GMT

GET
H2 200 prebid7.51.0.js Show response
cdn.lihkg.com/assets/js/ 251 KB
78 KB 69ms
49ms Script
application/javascript 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/assets/js/prebid7.51.0.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1892442
cf-polished: origSize=257341
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 11:40:42 GMT
server: cloudflare
etag: W/"64709aba-3ed3d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=43200
cf-ray: 7ee3833eb99b18c7-FRA
expires: Sat, 29 Jul 2023 19:05:17 GMT

GET
H2 200 asyncjs.php Show response
adv.lihkg.com/www/delivery/ 4 KB
2 KB 244ms
234ms Script
text/javascript 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adv.lihkg.com/www/delivery/asyncjs.php

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d533fa3a32a5a67dc45519a85bc430007e3c68bde21d01c5e67c2c8b3d4d2cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://lihkg.com
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
x-turbo-charged-by: LiteSpeed
expire: Sat, 29 Jul 2023 08:05:17 GMT
cf-ray: 7ee3833eb98b18c7-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 misc.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 3 KB
1 KB 69ms
48ms Script
application/javascript 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/misc.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ebda714b0960b486684f8e18052d2eb1a7afb14dd5d1d87ebf705c1c4af06eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2144115
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-a61"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ee3833eb99a18c7-FRA
expires: Sun, 28 Jul 2024 07:05:17 GMT

GET
H2 200 styles.chunk.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 27 KB
16 KB 64ms
44ms Script
application/javascript 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/styles.chunk.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a461002f77d83338ab9aafd8bfd8cb6275f8f6af2ea6a4f8c040d2aad2130f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2144115
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-6a36"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ee3833eb99918c7-FRA
expires: Sun, 28 Jul 2024 07:05:17 GMT

GET
H2 200 main.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 3 MB
784 KB 106ms
86ms Script
application/javascript 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Requested by

Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08db44d1b93268a2f3b72a2af31bcf207d87714f0f766792c49ed4ccdd2a0e80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2144115
cf-polished: origSize=2870133
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-2bcb75"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ee3833eb99818c7-FRA
expires: Sun, 28 Jul 2024 07:05:17 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 137ms
84ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://lihkg.com/
Origin: https://lihkg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7ee3833f0e1d3a88-FRA

GET
H2 200 styles.css
cdn.lihkg.com/static/2307045067-knk8z/css/ 179 KB
40 KB 87ms
86ms Stylesheet
text/css 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/misc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4911d1cc42e734d7ff839ebecc749804c1fb675f2bd496074c87c32429e17b3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2144115
cf-polished: origSize=184017
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-2ced1"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ee3833f3a2518c7-FRA
expires: Sun, 28 Jul 2024 07:05:17 GMT

GET
H2 200 latest.json Show response
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 2 KB
2 KB 88ms
26ms XHR
application/json 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230729

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc608108001d4eb8499652edebc39a136bc140a9cff991a00b2587014ec28ced

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 11068
x-jsd-version: 1.0.1765
content-encoding: br
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA, cache-jnb7022-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"639-H4SR4wjv3NShitCQ9/xz2bUE1wg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h8wdprOpOS5Qrt5Pot4lKL2%2BCe1YAeCFwHwG13vIPJdI6P6qiVJ5gW%2FX90Em9Lw8J4m9AObcnB49LMTJH5LQy3nEZJ8NnK6mvXSgjWTOq%2FnCoEFRhzFZoZHVVAm0eijVwEwR4TUatMJZYSXLPzo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7ee383403b3b6922-FRA

GET
H2 200 css
fonts.googleapis.com/ 2 KB
917 B 94ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu+Mono

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

904a56dd8ea11f7ff3aee2ccb4200f2a6ff362ff646eca70b2a973dbfeec9821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 29 Jul 2023 07:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 06:27:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 29 Jul 2023 07:05:18 GMT

GET
H2 200 pubads_impl_fy2012.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/ 386 KB
123 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl_fy2012.js?cb=31076166

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 17:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48582
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125535
x-xss-protection: 0
server: cafe
etag: 10403599952857238940
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sat, 27 Jul 2024 17:35:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/ Frame FB42 10 KB
5 KB 58ms
13ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230726/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 75625
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 10:04:53 GMT
etag: 12368291122986407432
expires: Fri, 11 Aug 2023 10:04:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 property Show response
lihkg.com/api_v2/system/ 51 KB
3 KB 284ms
280ms XHR
application/json 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/api_v2/system/property

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e829836e814d8fa0aad73ced4c6c3032c47b92e6312631d35d2ef94229a9ab3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
X-LI-LOAD-TIME: 5.14534872
Referer: https://lihkg.com/thread/3257982/page/1?ref=web&post=1
accept-language: de-DE,de;q=0.9
X-LI-DEVICE-TYPE: browser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
X-LI-DEVICE: 951eb2de40ed9209db3483fd14a5a2640c445cd5

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=utf-8
li-node: AWS8
cf-ray: 7ee38341aefd9bc8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3

200

invisible.js Show response
lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/ Frame ECDA
Redirect Chain

https://lihkg.com/cdn-cgi/challenge-platform/scripts/invisible.js
https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js

7 KB
3 KB

35ms
34ms

Script
application/javascript

2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js

Protocol

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a16c8535955ecab958f2479011fe6d736d69c415fca0f045c1ab5f6defb39cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 7ee38341bf189bc8-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
vary: accept-encoding
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/11b725eb/invisible.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 7ee383418ee29bc8-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 204 rum Show response
lihkg.com/cdn-cgi/ 0
137 B 18ms
18ms XHR
text/plain 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://lihkg.com/thread/3257982/page/1?ref=web&post=1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
content-type: application/json

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://lihkg.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7ee38341bf179bc8-FRA

POST
H3 200 7ee3833c1e3418c7 Show response
lihkg.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame ECDA 0
283 B 44ms
41ms XHR
text/plain 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/cdn-cgi/challenge-platform/h/b/cv/result/7ee3833c1e3418c7

Requested by

Host: lihkg.com
URL: https://lihkg.com/cdn-cgi/challenge-platform/scripts/invisible.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
content-type: text/plain; charset=UTF-8
cf-ray: 7ee38342a8779bc8-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 11.chunk.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 29 KB
9 KB 53ms
51ms Script
application/javascript 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/11.chunk.js

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb4d609b5c3a5aec790f8937ce65e69f35303ddbe39cf3588af7bed8ed2a437e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2144395
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-758d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ee3834329389bc8-FRA
expires: Sun, 28 Jul 2024 07:05:18 GMT

GET
H3 200 21.chunk.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 32 KB
11 KB 57ms
57ms Script
application/javascript 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/21.chunk.js

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b79061721d5bff6017244edfae8d759856428814d3e0a5c96ddf81c62fc1a778

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2144395
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-813d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ee3834329439bc8-FRA
expires: Sun, 28 Jul 2024 07:05:18 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 114ms
113ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b15446e3681c3d6823e15277d551ae72cbe039cabfd9b3fe7566385d6949a4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50683
x-xss-protection: 0
server: cafe
etag: 16536046703168695621
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 07:05:18 GMT

GET
H3 200 8.chunk.js Show response
cdn.lihkg.com/static/2307045067-knk8z/js/ 3 KB
1 KB 65ms
64ms Script
application/javascript 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/js/8.chunk.js

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94e2294df57e775b3da8a4dfeaf427c81efa2a05f808229fcdd4f12646d8a2c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 2142862
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: W/"64a3fff6-b00"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7ee3834339679bc8-FRA
expires: Sun, 28 Jul 2024 07:05:18 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a40bc7c42a924ebfb7c0bc286872aca8d62d090c27977c8f216306a521369828

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 licon.woff2
cdn.lihkg.com/assets/web/fonts/ 14 KB
14 KB 143ms
52ms Font
application/octet-stream 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lihkg.com/assets/web/fonts/licon.woff2?2spcxh

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/web/style.css?ver=13032023

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b1a46106fd1a1ddf039f102e746861c90f6da3b4065aa901362503654335467

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.lihkg.com/assets/web/style.css?ver=13032023
Origin: https://lihkg.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
accept-language: bytes
age: 2228904
alt-svc: h3=":443"; ma=86400
content-length: 13916
last-modified: Mon, 13 Mar 2023 10:32:06 GMT
server: cloudflare
etag: "640efba6-365c"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7ee38343d84e2c6d-FRA
expires: Sun, 28 Jul 2024 07:05:18 GMT

GET
H3 200 1 Show response
lihkg.com/api_v2/thread/3257982/page/ 15 KB
3 KB 649ms
649ms XHR
application/json 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/api_v2/thread/3257982/page/1?order=reply_time

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54e7b1cc4755ea6a4fa765be965f7ed7c57e490d78d539a1f09f82f073e08618

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
X-LI-LOAD-TIME: 4.3131465
Referer: https://lihkg.com/thread/3257982/page/1?ref=web&post=1
accept-language: de-DE,de;q=0.9
X-LI-DEVICE-TYPE: browser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
X-LI-DEVICE: 951eb2de40ed9209db3483fd14a5a2640c445cd5

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=utf-8
li-node: AWS7
cf-ray: 7ee3834379b29bc8-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 272ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PPY9Z37CCJ&gtm=45je37q0&_p=1344543899&cid=1416592483.1690614319&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690614319&sct=1&seg=0&dl=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1%3Fref%3Dweb%26post%3D1&dt=%E8%BC%89%E5%85%A5%E4%B8%AD...%20%7C%20LIHKG&en=exception&_fv=1&_nsi=1&_ss=1&_ee=1&ep.description=Get_Push_Notification_Token_Error&ep.fatal=false&upn.darkMode=1&upn.splitMode=1&upn.staticIcons=0&upn.limitContainerSize=1&upn.isLoggedIn=0&upn.officeMode=0&upn.fakeOfficeMode=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lihkg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prebid Show response
pb.lihkg.com/ Frame D430 5 KB
2 KB 65ms
44ms Document
text/html 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=5

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e442e12133be70b81aac4a5d9b8591cd53961725377aeddf150303fd09a5380

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 431
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7ee38347fb9d18c7-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 29 Jul 2023 07:05:19 GMT
expires: Sat, 29 Jul 2023 07:35:19 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 hqdefault.jpg
img.youtube.com/vi/H7N-SmsJVe8/ 35 KB
36 KB 124ms
20ms Image
image/jpeg 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/H7N-SmsJVe8/hqdefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2c77a12e95f74162527f4457cd7348d4ed8533be5409222473bc7b74fd15a28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:15:36 GMT
x-content-type-options: nosniff
age: 6583
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36035
x-xss-protection: 0
server: sffe
etag: "1672311024"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 29 Jul 2023 07:15:36 GMT

GET
H3 200 youtube-play.png
cdn.lihkg.com/static/2307045067-knk8z/media/ 4 KB
5 KB 45ms
45ms Image
image/webp 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/media/youtube-play.png

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fa8aec37baab1861e13ee19ef1e8f379572ed567a42cbc25af45cafd1c6a374

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1845735
cf-polished: origFmt=png, origSize=5201
content-disposition: inline; filename="youtube-play.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4530
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: "64a3fff6-1451"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee38347df1b9bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 f5-sprite.png
cdn.lihkg.com/static/2307045067-knk8z/media/ 10 KB
11 KB 44ms
44ms Image
image/webp 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/media/f5-sprite.png

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f03b94344821d98d8d849415345f53de7c9eb39fe0e5b4862eb1067332d7d79

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2144395
cf-polished: origFmt=png, origSize=11433
content-disposition: inline; filename="f5-sprite.webp"
alt-svc: h3=":443"; ma=86400
content-length: 10656
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: "64a3fff6-2ca9"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee38347df239bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 f5bouncer.png
cdn.lihkg.com/static/2307045067-knk8z/media/ 10 KB
10 KB 59ms
58ms Image
image/webp 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/static/2307045067-knk8z/media/f5bouncer.png

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d18956c21464cd32c3ce93f61bbb47b3e24d58ca2680702c7c84a37cdbacc54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.lihkg.com/static/2307045067-knk8z/css/styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2144395
cf-polished: origFmt=png, origSize=11486
content-disposition: inline; filename="f5bouncer.webp"
alt-svc: h3=":443"; ma=86400
content-length: 9858
cf-bgj: imgq:100,h2pri
last-modified: Tue, 04 Jul 2023 11:18:14 GMT
server: cloudflare
etag: "64a3fff6-2cde"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee38347ef269bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

POST
H/1.1 204
No Content hb Show response
cpm.bidmyqps.xyz/ 0
256 B 128ms
37ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by: Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 07:05:19 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://lihkg.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ 0
171 B 443ms
118ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&gpid=%2F244621734%2Fprebid-post&eids=&pubcid=9f0feda0-f9b5-4f6d-92a5-13c50f166ae2&u=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1%3Fref%3Dweb%26post%3D1&host=lihkg.com&w=336&h=280
Requested by: Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://lihkg.com
date: Sat, 29 Jul 2023 07:05:19 GMT
access-control-allow-credentials: true
connection: close

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
321 B 151ms
49ms XHR
text/plain 54.216.69.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.69.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-69-247.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: eba2e288-1e05-e558-4b71-ee01b27ea193

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ 0
323 B 150ms
49ms XHR
text/plain 54.216.69.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/assets/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.69.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-69-247.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: af27ec06-4c6b-607d-4c99-ef1b60b1b309

POST

apnet
gocm.c.appier.net/
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

0
0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/ 361 KB
124 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=lihkg.com&bust=31076543

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f631f231bee6defede8a2a442513beb65b14f35295c56bcaec1ef1a5a173b28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126406
x-xss-protection: 0
server: cafe
etag: 551864416525218734
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 07:05:19 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 32ms
31ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=G-L8WS4GS6YR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PPY9Z37CCJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd9c4d4223ef299450bd46051c276889c4f1ac0ea3e509358f431102bb34f069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74207
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jul 2023 07:05:19 GMT

GET
H3 200 lihkg2.gif
cdn.lihkg.com/assets/faces/tigerxm/ 8 KB
9 KB 42ms
41ms Image
image/gif 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/tigerxm/lihkg2.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b3502df02b06b781c53f30f27391d732f6b5e93503eb0c82fb986d5b0490dcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6458
cf-polished: origSize=20558, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 8685
cf-bgj: imgq:100,h2pri
last-modified: Thu, 01 Dec 2022 07:54:50 GMT
server: cloudflare
etag: "63885dca-504e"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee383483fa19bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 agree.gif
cdn.lihkg.com/assets/faces/xm/ 1 KB
2 KB 49ms
47ms Image
image/webp 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/xm/agree.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2baf9a25c22e89a196e42843c0d547ad3cc326a2c1101c99d437817b831ef0b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6458
cf-polished: origFmt=gif, origSize=1586
content-disposition: inline; filename="agree.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1404
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-632"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee383483fa39bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 clown.gif
cdn.lihkg.com/assets/faces/normal/ 179 B
479 B 47ms
46ms Image
image/gif 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/clown.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed2a584ee1368ea53d5ad19adcf8bd9aa9d260d1489a41f9ddcac11db82a4bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
accept-language: bytes
age: 129091
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 179
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-b3"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee383483fa49bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 frown.gif
cdn.lihkg.com/assets/faces/normal/ 160 B
488 B 48ms
46ms Image
image/webp 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/frown.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e37efbbd9c8163c656be2228f1ae4bd48e55425ad6f399c8fbea9c3c85630aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2388179
cf-polished: origFmt=gif, origSize=173
content-disposition: inline; filename="frown.webp"
alt-svc: h3=":443"; ma=86400
content-length: 160
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-ad"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee383483fa69bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 smile.gif
cdn.lihkg.com/assets/faces/normal/ 141 B
445 B 45ms
44ms Image
image/gif 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/smile.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

466d53eb08c836732a59053a7b6f8a8bb1c9e8993f7c59547b9fa3fdd7f1e725

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1536201
cf-polished: origSize=168, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 141
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-a8"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee383483fa79bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 sosad.gif
cdn.lihkg.com/assets/faces/normal/ 1 KB
2 KB 48ms
47ms Image
image/gif 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/sosad.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb102dd118baa664f3e341180820bf8daaf721a447a37b765d161fc54becf112

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 993424
cf-polished: origSize=1531, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 1525
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-5fb"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee383483fa99bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 sosad.gif
cdn.lihkg.com/assets/faces/big/ 3 KB
4 KB 49ms
47ms Image
image/webp 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/big/sosad.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

762bcbf05290682af932b29ee3c54d675e80830af07d80f5ca365730ba318086

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 927651
cf-polished: origFmt=gif, origSize=5654
content-disposition: inline; filename="sosad.webp"
alt-svc: h3=":443"; ma=86400
content-length: 3384
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-1616"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee383483faa9bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 agree.gif
cdn.lihkg.com/assets/faces/normal/ 875 B
1 KB 45ms
44ms Image
image/gif 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/agree.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0cd8ed767fc6b46b1261f9394cca7c3fcae1b16f8cf21e4fdc9a5d5ca86ee8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 991526
cf-polished: origSize=881, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 875
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-371"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee383483fad9bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 good.gif
cdn.lihkg.com/assets/faces/normal/ 139 B
432 B 48ms
47ms Image
image/gif 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.lihkg.com/assets/faces/normal/good.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb576e03eb610d3af28916b86aa93125748dd242d8449878ac22c61fe7dd9f4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
age: 191722
cf-polished: status=not_needed
alt-svc: h3=":443"; ma=86400
content-length: 139
cf-bgj: imgq:100,h2pri
last-modified: Wed, 13 Jul 2022 10:56:19 GMT
server: cloudflare
etag: "62cea4d3-8b"
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
cf-ray: 7ee383483fae9bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

GET
H3 200 category Show response
lihkg.com/api_v2/thread/ 74 KB
11 KB 321ms
321ms XHR
application/json 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://lihkg.com/api_v2/thread/category?cat_id=5&page=1&count=60

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cee916756cf22f66a662991d92ffe638736ba18fc64a137c64ea88ba15435e9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/plain, */*
X-LI-LOAD-TIME: 7.0191219
Referer: https://lihkg.com/thread/3257982/page/1?ref=web&post=1
accept-language: de-DE,de;q=0.9
X-LI-DEVICE-TYPE: browser
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
X-LI-DEVICE: 951eb2de40ed9209db3483fd14a5a2640c445cd5

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json;charset=utf-8
li-node: AWS9
cf-ray: 7ee383484fb19bc8-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 141ms
74ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307250102/pubads_impl_fy2012.js?cb=31076166

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Jul 2023 13:25:47 GMT
server: nginx
etag: W/"64ad585b-a980"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 30 Jul 2023 07:05:19 GMT

GET
H3 200 asyncspc.php Show response
adv.lihkg.com/www/delivery/ 417 B
616 B 518ms
517ms XHR
application/json 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://adv.lihkg.com/www/delivery/asyncspc.php?zones=9&prefix=revive-0-&target=_blank&prebid=1&platform=web&theme=light&cat-id=5&sub-cat-id=0&hot=0&adu=0&member=0&loc=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1

Requested by

Host: adv.lihkg.com
URL: https://adv.lihkg.com/www/delivery/asyncjs.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d8175a51150550ffadbc8f026e26b4d8f72a87cab9db27392e989fce4da662e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://lihkg.com
content-type: application/json
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 7ee383486fd79bc8-FRA
alt-svc: h3=":443"; ma=86400
expires: 0

GET
H3 200 prebid7.51.0.js Show response
pb.lihkg.com/js/ Frame D430 251 KB
78 KB 38ms
38ms Script
application/javascript 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/js/prebid7.51.0.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5519271
cf-polished: origSize=257341
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 09:44:34 GMT
server: cloudflare
etag: W/"3ed3d-18857721436"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7ee383486fe39bc8-FRA
expires: Mon, 28 Aug 2023 07:05:19 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 25ms
24ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-L8WS4GS6YR&gtm=45je37q0&_p=1344543899&cid=1416592483.1690614319&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dp=%2Fthread%2F3257982%2F&sid=1690614319&sct=1&seg=0&dl=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1&dt=%233257982%23%E8%8B%B1%E7%8E%8B%E6%9F%A5%E7%90%86%E6%96%AF%E4%B8%89%E4%B8%96%E7%99%BC%E8%A1%A8%E5%9C%A8%E4%BB%BB%E9%A6%96%E5%80%8B%E8%81%96%E8%AA%95%E6%96%87%E5%91%8A%EF%BC%8C%E4%BD%A0%E8%81%BD%E5%92%97%E6%9C%AA%EF%BC%9F&en=page_view&_fv=1&_ss=1&_ee=1&upn.darkMode=1&upn.splitMode=1&upn.staticIcons=0&upn.limitContainerSize=1&upn.isLoggedIn=0&upn.officeMode=0&upn.fakeOfficeMode=0&up.cat_id_5_thread_id=3257982&up.thread_id=3257982
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-L8WS4GS6YR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lihkg.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame FBC8 15 KB
6 KB 91ms
32ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=lihkg.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 07:05:19 GMT
server: Kestrel
server-processing-duration-in-ticks: 253615
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 385 B
601 B 107ms
54ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lihkg.com&callback=_gfp_s_&client=ca-pub-1983042674979462

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=lihkg.com&bust=31076543

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8840205721bb9d6fc72feac61276d5d4a1534a5c6cd379f8bb499172b7295ba0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H3

200

flurry Show response
pb.lihkg.com/ Frame E0FD
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=250&slotname=9106605872%2F5521398132&adk=3524170298&adf=1413308163&pi=t.ma~as.9106605872%2F55213981_&w=32...
https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

1 KB
793 B

33ms
32ms

Document
text/html

2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fb66cda8a7f6b544f761bba57abfdadd810eece869cc49f5c4fdb97eda7271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 360
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7ee3834c7d489bc8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 29 Jul 2023 07:05:20 GMT
expires: Sat, 29 Jul 2023 07:35:20 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 07:05:19 GMT
location: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 139ms
74ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26dcad3ada09565d9d93453a45a22709b058f2939f2c4f04b49695e4fa7c27f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11733
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7251 430 B
398 B 271ms
271ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3240616428100660&output=html&h=250&slotname=9808563034&adk=532204820&adf=681505122&pi=t.ma~as.9808563034&w=320&lmt=1690614319&format=320x250&url=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1&region=16906143193221800&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614319379&bpp=1&bdt=1530&idt=216&shv=r20230726&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&correlator=7414122691268&frm=20&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614320&ga_hid=1344543899&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1037&ady=2685&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076088%2C31076482%2C31076543%2C44788442%2C44797784&oid=2&pvsid=1218557576067882&tmod=846911435&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&btvi=2&fsb=1&xpc=SoYq2pIZW1&p=https%3A//lihkg.com&dtd=220

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf600bccf97c9bb7ba13a4f0c6f12acb1c7974cb8d8eee6a18e3ec10b424b4cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 07:05:19 GMT
expires: Sat, 29 Jul 2023 07:05:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST

apnet
gocm.c.appier.net/ Frame D430
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

0
0

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame D430 0
174 B 335ms
126ms XHR
text/plain 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-772A2EBB6B843764FB988777722AD229&tdid=&schain=&fp=0.03&eids=&pubcid=f1d0f3d4-f6e9-4530-afa8-7d0231a53765&u=https%3A%2F%2Flihkg.com%2F&host=lihkg.com&ao=https%3A%2F%2Flihkg.com&w=336&h=280
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://pb.lihkg.com
date: Sat, 29 Jul 2023 07:05:19 GMT
access-control-allow-credentials: true
connection: close

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame D430 0
324 B 54ms
53ms XHR
text/plain 54.216.69.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.69.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-69-247.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 4bede324-4453-a955-78ae-b6bba4572be9

POST
H2 400 prebid Show response
prebid.ad.smaato.net/oapi/ Frame D430 0
324 B 54ms
54ms XHR
text/plain 54.216.69.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.ad.smaato.net/oapi/prebid
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.216.69.247 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-69-247.eu-west-1.compute.amazonaws.com
Software: SOMA /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 29 Jul 2023 07:05:19 GMT
server: SOMA
x-smt-message: GDPR inventory not enabled for Application. Please contact your Account Manager.
access-control-allow-origin: https://pb.lihkg.com
access-control-expose-headers: X-SMT-DivId,X-SMT-SessionId,X-SMT-ADTYPE,X-SMT-Impression-Measurement,X-SMT-MESSAGE,X-SMT-Expires
access-control-allow-credentials: true
content-length: 0
x-smt-sessionid: 5605a028-713d-238c-c8c8-5e8d90f42f0c

POST
H/1.1 204
No Content hb Show response
cpm.bidmyqps.xyz/ Frame D430 0
259 B 342ms
28ms XHR
text/plain 77.245.57.72
WEBAIR-INTERNET-MTL

General

Check archive.org

Show headers Download Go to

Full URL: https://cpm.bidmyqps.xyz/hb?zone=195139&v=1.6
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/js/prebid7.51.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pb.lihkg.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 07:05:19 GMT
Server: nginx
Age: 0
Access-Control-Allow-Origin: https://pb.lihkg.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6817 0
180 B 37ms
37ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&adk=1812271804&adf=3025194257&lmt=1690614319&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=140x1080_l%7C140x945_r&format=0x0&url=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1&ea=0&region=16906143193214434&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614319391&bpp=1&bdt=1543&idt=235&shv=r20230726&mjsv=m202307260101&ptt=9&saldr=aa&abxe=1&prev_fmts=320x250&nras=1&correlator=7414122691268&frm=20&pv=1&ga_vid=1416592483.1690614319&ga_sid=1690614320&ga_hid=1344543899&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759837%2C44759875%2C31076088%2C31076482%2C31076543%2C44788442%2C44797784&oid=2&pvsid=1218557576067882&tmod=846911435&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=255

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 07:05:19 GMT
expires: Sat, 29 Jul 2023 07:05:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame FBC8
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=lihkg.com&sn=ChromeSyncframe&so=0&topUrl=lihkg.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=S-sU1HxFbEltNGZJeXBUY24zdHpPNS9CbjZrZWRNalRERUdaYnRVek1RWGZHQWNiMTdoL1J4NmhsZ2xaeXRoVTlxbWNucHZQMjZ0ZkphaTJxOW1xZU1aQVdDSGg2OGFXQzhOblJielNlNXVwTFFXWjM4dnFZNm5Hc1gyY0...

417 B
650 B

86ms
27ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=S-sU1HxFbEltNGZJeXBUY24zdHpPNS9CbjZrZWRNalRERUdaYnRVek1RWGZHQWNiMTdoL1J4NmhsZ2xaeXRoVTlxbWNucHZQMjZ0ZkphaTJxOW1xZU1aQVdDSGg2OGFXQzhOblJielNlNXVwTFFXWjM4dnFZNm5Hc1gyY0hJZnZoNW9USWt5Ym5GWUlIemJPa1U3Q2JhOW4rL0laeWEveTRYcit3UDloQW9va1V1TnNmSmpHeTM4Szg5dTV4OFZzS3ZWeFV5RjBtcmR6c0NUVXlXc2JnM1lMYmdiem8vbThLckVYS3drbFhuTmhyMVV2elZ1UnJzdkF3TEpmbnNIOFk3T1doZHk4MGZoV2ROd2UyZVZoanJIRlI5UT09fA&cppv=2

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

570042377e4281fd5ac99894af8c69866b1ce3063ea5263669f45df8d75a3d50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1115900
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:18 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=S-sU1HxFbEltNGZJeXBUY24zdHpPNS9CbjZrZWRNalRERUdaYnRVek1RWGZHQWNiMTdoL1J4NmhsZ2xaeXRoVTlxbWNucHZQMjZ0ZkphaTJxOW1xZU1aQVdDSGg2OGFXQzhOblJielNlNXVwTFFXWjM4dnFZNm5Hc1gyY0hJZnZoNW9USWt5Ym5GWUlIemJPa1U3Q2JhOW4rL0laeWEveTRYcit3UDloQW9va1V1TnNmSmpHeTM4Szg5dTV4OFZzS3ZWeFV5RjBtcmR6c0NUVXlXc2JnM1lMYmdiem8vbThLckVYS3drbFhuTmhyMVV2elZ1UnJzdkF3TEpmbnNIOFk3T1doZHk4MGZoV2ROd2UyZVZoanJIRlI5UT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 264616
content-length: 0
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 297ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 07:05:20 GMT

GET
H3 200 lg.php
adv.lihkg.com/www/delivery/ 43 B
363 B 233ms
233ms Image
image/gif 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adv.lihkg.com/www/delivery/lg.php?bannerid=0&campaignid=0&zoneid=9&loc=https%3A%2F%2Flihkg.com%2Fthread%2F3257982%2Fpage%2F1&cb=e98f1a3638

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cf-ray: 7ee3834bac349bc8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

GET
H3 200 flurry6.css
pb.lihkg.com/css/ Frame E0FD 2 KB
950 B 33ms
32ms Stylesheet
text/css 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/css/flurry6.css?v=5

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8543eee7ce49564643fa813ae7f87accf93f9a845c8c14aa0eb75c93ec0174bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1376696
cf-polished: origSize=2441
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 26 May 2023 10:34:44 GMT
server: cloudflare
etag: W/"989-18857a00520"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2592000
cf-ray: 7ee3834cbd979bc8-FRA
expires: Mon, 28 Aug 2023 07:05:20 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame E0FD 80 KB
30 KB 126ms
38ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 96Z7ME8GQNHF630V
age: 587
x-amz-server-side-encryption: AES256
x-amz-id-2: 8uEBT48VAgg56h+8YVYUEcYtBbvLVQhE3fdFMZ3r4vSeUaEpEb8vy6ygA0WXAE+YysrFfN76vtE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame E0FD 239 B
568 B 223ms
66ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=af0df10b-65bf-42ae-9b7f-1a1dc9396bb1&apiKey=3HZV7WJSJ82YGVYV89M4&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fpb.lihkg.com%2Fflurry&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

3aaebb44fa7aff9f07c039c9678ca52b7a5277c15af947834950663fa31b5da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sat, 29 Jul 2023 07:05:20 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 6
x-xss-protection: 1; mode=block
x-request-id: 58c86201-639c-4f50-8ac6-e6037eef8e58

GET
H2 200 b
geo.yahoo.com/ Frame E0FD 43 B
96 B 895ms
65ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:21 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7C90 13 KB
5 KB 39ms
34ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74412
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 10:25:08 GMT
expires: Sat, 27 Jul 2024 10:25:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B2B1 783 B
1 KB 183ms
38ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4da135a3863894c4e002bb2564dc96a454bc043081333239cdeb5d7f72252fa9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-U5m6izzh4vHgm65-0p904w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-U5m6izzh4vHgm65-0p904w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 07:05:20 GMT
expires: Sat, 29 Jul 2023 07:05:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 7C90 37 KB
14 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 22:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 22:08:10 GMT

GET
H3 200 smj Show response
pb.lihkg.com/ Frame 22B5 1021 B
652 B 43ms
42ms Document
text/html 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a40fc44931813ecfe54e364b4796515e500588bb85397524efc745cc1859eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://pb.lihkg.com/flurry?theme=light&platform=mobile-web&is_mobile=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 356
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7ee3834f98fd9bc8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 29 Jul 2023 07:05:20 GMT
expires: Sat, 29 Jul 2023 07:35:20 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 ysm_lihkg.js Show response
ad.sitemaji.com/ Frame 22B5 21 KB
7 KB 212ms
39ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_lihkg.js
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&passback=1&platform=mobile-web&is_mobile=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 05b2def23d36dec3b886f467a18f87326b5765e287d9b483f0b9b6812fa31bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:47:38 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 06 Jan 2023 08:51:28 GMT
server: nginx/1.12.1 (Ubuntu)
age: 40662
etag: W/"63b7e110-52d7"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6707
expires: Sat, 29 Jul 2023 19:47:38 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame D430 145 KB
50 KB 107ms
107ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/prebid?theme=light&passback=1&is_mobile=1&platform=web&category_id=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

637551b631d826463bf8048da378ca46f55452b18fa5a94c4e33002c9789232d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50669
x-xss-protection: 0
server: cafe
etag: 2658154533886922222
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 07:05:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7C90 0
10 B 27ms
26ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?PKfN3w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B2B1 0
0 60ms
60ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=1218557576067882&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270201/ Frame D430 364 KB
125 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com&bust=31076576

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee098897df3c6f95792830ecb2d723738f4f397aa5ca3695468330bfae26e9b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127861
x-xss-protection: 0
server: cafe
etag: 9643719988911164315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 07:05:20 GMT

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 22B5 80 KB
30 KB 46ms
43ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 96Z7ME8GQNHF630V
age: 587
x-amz-server-side-encryption: AES256
x-amz-id-2: 8uEBT48VAgg56h+8YVYUEcYtBbvLVQhE3fdFMZ3r4vSeUaEpEb8vy6ygA0WXAE+YysrFfN76vtE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 b
geo.yahoo.com/ Frame 22B5 43 B
366 B 173ms
65ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:21 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 22B5 298 B
364 B 64ms
63ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=22c87bdb-f382-4ab8-b1fd-a16065b11ad0&apiKey=8Z7TZ5MDPJ4WQK8Y68JB&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsunflyday.com%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

d531ee353b2e628d0735cacda425a3000ab2da5481ea441980a576896e6bd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sat, 29 Jul 2023 07:05:20 GMT
server: ATS
age: 1
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: e0ab72ab-0e08-4451-bb9e-fd84864b712b

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D430 12 B
100 B 34ms
33ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=pb.lihkg.com&callback=_gfp_s_&client=ca-pub-1983042674979462&cookie=ID%3D90006be0ff5ee646-22b82cd402e30039%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g&gpic=UID%3D00000d2a2423f995%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307270201/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1983042674979462&plah=pb.lihkg.com&bust=31076576

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A67 27 KB
12 KB 688ms
681ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1690614320639&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614320840&bpp=3&bdt=1422&idt=244&shv=r20230726&mjsv=m202307270201&ptt=9&saldr=aa&cookie=ID%3D90006be0ff5ee646-22b82cd402e30039%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g&gpic=UID%3D00000d2a2423f995%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw&correlator=2361311590456&frm=24&ife=1&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614321&ga_hid=1393956451&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=2503316152&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31076481%2C31076576%2C44788442&oid=2&pvsid=3028226912030831&tmod=1624674545&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.gt3e0rlw9fri&fsb=1&dtd=261

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1e20d8f7e3ff4ac88bd039eca6b140ccfad3510688f02d77301b7f29ad6110e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 12751
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 07:05:21 GMT
expires: Sat, 29 Jul 2023 07:05:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D430 15 KB
11 KB 78ms
78ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230726&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cdafe1bee6bd0dd0553a6bf2ae3bd42b96df231a0a8caaa4dbf44a20d721a833

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11674
x-xss-protection: 0

GET
H3 200 smj Show response
pb.lihkg.com/ Frame 064A 1021 B
652 B 56ms
53ms Document
text/html 2606:4700::6811:d6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.lihkg.com/smj?theme=light&is_mobile=1

Requested by

Host: cdn.lihkg.com
URL: https://cdn.lihkg.com/static/2307045067-knk8z/js/main.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:d6c1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a40fc44931813ecfe54e364b4796515e500588bb85397524efc745cc1859eba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 361
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=1800
cf-cache-status: HIT
cf-ray: 7ee383537d7c9bc8-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 29 Jul 2023 07:05:21 GMT
expires: Sat, 29 Jul 2023 07:35:21 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-lihkg/ Frame 22B5 262 KB
47 KB 76ms
22ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 945c70f5db956c7ad2b1ac095c2b9367bd455ce0f8c78af7acec31e4db7b0b59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: ZTHObRK.6rWKUJRNknLBE8lKaX_jGMFO
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 07:05:21 GMT
x-amz-request-id: YB1108HXYXK897S6
age: 9305
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 7
x-amz-replication-status: FAILED
content-length: 47222
x-amz-id-2: WU/y/EKvosoNE82Mu9N3zwnUM9Bz7gZDndpKf0UMsj9cWqkCs7nYX2gF7qUXK7Yl8CC4kO2g4O0=
x-served-by: cache-fra-eddf8230044-FRA
last-modified: Thu, 27 Jul 2023 15:09:38 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690614321.232938,VS0,VE1
etag: "2058cb383336d2e727963b7725c8b36f77373f38"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 25
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D430 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 29 Jul 2023 07:05:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 993E 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 74413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 28 Jul 2023 10:25:08 GMT
expires: Sat, 27 Jul 2024 10:25:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6312 783 B
763 B 32ms
31ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0542027378b29bc1e3370b034352034b92460928fae4561033227b0dea2d7d04

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-grpQv-UGAQLyVVWw3IFNqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://pb.lihkg.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-grpQv-UGAQLyVVWw3IFNqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 07:05:21 GMT
expires: Sat, 29 Jul 2023 07:05:21 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ysm_lihkg.js Show response
ad.sitemaji.com/ Frame 064A 21 KB
7 KB 42ms
42ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_lihkg.js
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&is_mobile=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 05b2def23d36dec3b886f467a18f87326b5765e287d9b483f0b9b6812fa31bf9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 19:47:38 GMT
content-encoding: br
via: 1.1 google
last-modified: Fri, 06 Jan 2023 08:51:28 GMT
server: nginx/1.12.1 (Ubuntu)
age: 40663
etag: W/"63b7e110-52d7"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6707
expires: Sat, 29 Jul 2023 19:47:38 GMT

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 993E 37 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 22:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32231
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 22:08:10 GMT

GET
H2 200 impl.20230725-8-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 22B5 789 KB
164 KB 50ms
43ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230725-8-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 242b29a5976f86e5ee41348b262c1f227c542ab41b4d328058b2519dfe08c9ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: aSi0Av9y6RLWG7xt3mu4M6fFU7LdZjdV
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jul 2023 07:05:21 GMT
x-amz-request-id: DT8YSJ1T7AS6739Q
age: 17384
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167103
x-amz-id-2: OSIor9XRIvb1WO2FoKKjanEQdIzMimI8JUJFVULsT2xT3qrE9k192+wREx8iQLn0WwsIOb9GlI0=
x-served-by: cache-fra-eddf8230044-FRA
last-modified: Tue, 25 Jul 2023 10:15:35 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690614321.331068,VS0,VE0
etag: "a66304c39a0eb25e365a2c7a3735838e"
vary: Accept-Encoding
content-type: application/javascript
abp: 44
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1797

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 064A 80 KB
30 KB 61ms
61ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 06:55:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: 96Z7ME8GQNHF630V
age: 588
x-amz-server-side-encryption: AES256
x-amz-id-2: 8uEBT48VAgg56h+8YVYUEcYtBbvLVQhE3fdFMZ3r4vSeUaEpEb8vy6ygA0WXAE+YysrFfN76vtE=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6312 0
0 79ms
79ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230726&jk=3028226912030831&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 73ms
72ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=1218557576067882&bg=!e3ileCzNAAZGOVy5Zjk7ADkAdvg8Wv5LYfCf-HGM4SSkQVo_qwZ7YUyFo1z4WOdVOHJJNxBZnWogczQIA39jDdsgjRDgxKvpsXoCAAAA1FIAAAAIaAEHmQKgOHpMWhUhAC8-1LmSCv9QHpTlseXn12AAfk2MEGcxXel5m0lLlFKCKAM0uzhH-z6HEqgJMitD30_7c_52FtBBPvaPqfUx3xKR-QC5S94S_DJyobrIZxQENtOrugjFsL80t7JXrJrX_PQWmrWFnI1fHda5vp2le8H9x3Lpm04JSBORKMtSmgVtdIh6m0Q3mI365B2rejhDVT_OD_MeTbGXEo2Q0raDiaqbJN_b1j0gnrEbRIj2YuvW8rhOqIKsbcfH2fhC7DzDD2MXGd1sfrQRhgKbY67uH4QO1JE8Maq4xftxWkd3Eq-epoKX7h36u24OnuE95UC1fFAP6xpvoOkoCGSA_PjViMsjO8wOJ67LVV5FP0plABqaTjKA4-kqXNNqpqCbk3F5jIyxQ7k75kAPhXQPh6IFcOziV34rYO-gFL6MZgJmyMPpZBG-ZvCSuF8Z4_F6IoHLEHJ8MQCilfWKBWTAvtSF5U98G4Z9TBmV390DUlG9Z6O9CEhG6Bu5sU48v6mdgqDBOWTLzIp9h7xHjOFQVDDc1QfYuJMeXZZJE9GHO0njslEhFdQ1aL21rapJLDOrsnkfK9OXurSdB2N7drC5NMnCwt3U3z3z5Qex9tKCOLj5fHJyKtYyEUYrEwKz0uYjadIaggzHlmIYCvY-BIVbkUWkRrvXVdYZ5drrey7P8CsV0Ku7JKLjjuwZDUFAyTXr_lei-AC_Ig-FTVifLHG7qZlC353thI59UO7EEGJyZldKulETJDGn7KcDYU0wWPmycYro9lmWMpY803c0FBDmzQB_shxiFsXKU32dCDzHs8ew34BrIRBoPfdT9MVEemR0YG7vJ1t1Eirk7p0gByiFl-LRJfaFsCr9JPzuS3OS2w7N-VQDVfDGlFJ_v7cw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 993E 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hdrTow
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:21 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 064A 298 B
394 B 65ms
64ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

d531ee353b2e628d0735cacda425a3000ab2da5481ea441980a576896e6bd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sat, 29 Jul 2023 07:05:21 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 11
x-xss-protection: 1; mode=block
x-request-id: c4890759-094a-4927-a4d4-d8c11d63efc9

GET
H2 200 b
geo.yahoo.com/ Frame 064A 43 B
72 B 55ms
55ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&is_mobile=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:21 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 1
content-length: 43

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-lihkg/ Frame 064A 262 KB
47 KB 31ms
31ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_lihkg.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a58f822cee1ab4f7b39fae5dae406d8ee6e29c6b3da17bffb038a2fb7e9388f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: ZTHObRK.6rWKUJRNknLBE8lKaX_jGMFO
content-encoding: gzip
via: 1.1 varnish
date: Sat, 29 Jul 2023 07:05:21 GMT
x-amz-request-id: JCG5VJGC92VC1XPC
age: 7221
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 6
x-amz-replication-status: FAILED
content-length: 47430
x-amz-id-2: vblXBS15R1BoqlmuA1YtmJ+8pP8ynudK+PzPjFzUm1hDIZq1e48KfIboPSs6Qg3CmIr/To6Zbns=
x-served-by: cache-fra-eddf8230044-FRA
last-modified: Thu, 27 Jul 2023 15:38:24 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690614322.542234,VS0,VE1
etag: "bb5f04b123ced28ac9f15662fbe0831925962bd4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 3
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 tr5
cdn.taboola.com/libtrc/ Frame 064A 3 B
79 B 22ms
22ms Image
text/html 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=cta_maxwidth2_var
Requested by: Host: pb.lihkg.com
URL: https://pb.lihkg.com/smj?theme=light&is_mobile=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230044-FRA
date: Sat, 29 Jul 2023 07:05:21 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1690614322.577296,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 impl.20230727-6_b6-PR-59095-DEV-139861-cta-should-have-maxwidth-and-remove-itself-in-case-of-branding-o-35b7e9b98b3.js Show response
cdn.taboola.com/libtrc/ Frame 064A 791 KB
164 KB 34ms
33ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230727-6_b6-PR-59095-DEV-139861-cta-should-have-maxwidth-and-remove-itself-in-case-of-branding-o-35b7e9b98b3.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-lihkg/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1e91d94290d21c9d51d2312b29960fea194b5f9b00464735e0b888fbce02bfdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-amz-version-id: DYcjvC1p5wo9CgM2ibpctLSlJcSScTqA
content-encoding: br
via: 1.1 varnish
date: Sat, 29 Jul 2023 07:05:21 GMT
x-amz-request-id: 7FN3XRKP8A0H8TJ4
age: 394
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 167606
x-amz-id-2: HyleTFAN9iqC6sqBXLdsTqXH+z9tcn2O2N0WfqG+47RlviD8KVh3jyOVJ8sDCKAPa5WyTRycTY0=
x-served-by: cache-fra-eddf8230044-FRA
last-modified: Thu, 27 Jul 2023 14:45:39 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690614322.578037,VS0,VE0
etag: "ccc9d7f791a4ac424d05a3ed441baae3"
vary: Accept-Encoding
content-type: application/javascript
abp: 85
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 29

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A67 42 B
63 B 69ms
69ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSG2xXHWt5AgzCzI5OG9w-JWrZJmt0qTs_TDQG5eyx35GK7VktUyMEljRFoMuA3IRJtPVJKSym9UcSHhj-w7Qt4hfOy75blAZWgUhENJzaWUDsRuo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1690614320639&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614320840&bpp=3&bdt=1422&idt=244&shv=r20230726&mjsv=m202307270201&ptt=9&saldr=aa&cookie=ID%3D90006be0ff5ee646-22b82cd402e30039%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g&gpic=UID%3D00000d2a2423f995%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw&correlator=2361311590456&frm=24&ife=1&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614321&ga_hid=1393956451&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=2503316152&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31076481%2C31076576%2C44788442&oid=2&pvsid=3028226912030831&tmod=1624674545&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.gt3e0rlw9fri&fsb=1&dtd=261

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A67 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4711587023837794084&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5A67 85 KB
29 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29781
x-xss-protection: 0
server: cafe
etag: 4315658989838864570
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 29 Jul 2023 07:05:21 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 5A67 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 21:10:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35688
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Aug 2023 21:10:33 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/ Frame 5A67 20 KB
8 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230726/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 03:48:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8293
x-xss-protection: 0
server: cafe
etag: 11502554701003060455
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 12 Aug 2023 03:48:30 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5A67 0
0 31ms
29ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSZRAgOQKgl9AuCrUxGUiMaAp9rxrgtb73uLwlZTYhUzwkdEEjhpi1yr1Fqx_96txSNMJCzRKzv8MGsK3OMb5C_J8DfeA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1690614320639&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614320840&bpp=3&bdt=1422&idt=244&shv=r20230726&mjsv=m202307270201&ptt=9&saldr=aa&cookie=ID%3D90006be0ff5ee646-22b82cd402e30039%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g&gpic=UID%3D00000d2a2423f995%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw&correlator=2361311590456&frm=24&ife=1&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614321&ga_hid=1393956451&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=2503316152&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31076481%2C31076576%2C44788442&oid=2&pvsid=3028226912030831&tmod=1624674545&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.gt3e0rlw9fri&fsb=1&dtd=261
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5A67 179 KB
57 KB 369ms
46ms Script
text/javascript 2a00:1450:4001:80b::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57355
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1690371356542162"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 Jul 2023 07:05:22 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C44F 624 B
242 B 60ms
58ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNURvAzI0FLHu996St7X85QZFenjDsnZjv99nIKwyf6FdYD4TXaAl3XljK7H0M3Icb3SwHap1nkD0ZYGyiRIAfmtfJHSbCXRF8aJFEYVAiRInMZ9sBuf6BlCoUfthXsySsHeS1pOIgwau9mJSo6OSTmqWeEZh4wa-CUqlhpv-uo0x5pQBSo

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1690614320639&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614320840&bpp=3&bdt=1422&idt=244&shv=r20230726&mjsv=m202307270201&ptt=9&saldr=aa&cookie=ID%3D90006be0ff5ee646-22b82cd402e30039%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g&gpic=UID%3D00000d2a2423f995%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw&correlator=2361311590456&frm=24&ife=1&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614321&ga_hid=1393956451&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=2503316152&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31076481%2C31076576%2C44788442&oid=2&pvsid=3028226912030831&tmod=1624674545&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.gt3e0rlw9fri&fsb=1&dtd=261
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 29 Jul 2023 07:05:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C44F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1&C=1

43 B
632 B

26ms
26ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNURvAzI0FLHu996St7X85QZFenjDsnZjv99nIKwyf6FdYD4TXaAl3XljK7H0M3Icb3SwHap1nkD0ZYGyiRIAfmtfJHSbCXRF8aJFEYVAiRInMZ9sBuf6BlCoUfthXsySsHeS1pOIgwau9mJSo6OSTmqWeEZh4wa-CUqlhpv-uo0x5pQBSo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 07:05:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 07:05:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C44F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZMS6MugFoGQXSGsLUyMowQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1

43 B
632 B

36ms
35ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNURvAzI0FLHu996St7X85QZFenjDsnZjv99nIKwyf6FdYD4TXaAl3XljK7H0M3Icb3SwHap1nkD0ZYGyiRIAfmtfJHSbCXRF8aJFEYVAiRInMZ9sBuf6BlCoUfthXsySsHeS1pOIgwau9mJSo6OSTmqWeEZh4wa-CUqlhpv-uo0x5pQBSo
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 07:05:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMpvsBMVZ2bRKuQWi6qdfF4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C44F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMPNs81EXk72yVW_YZQ5nGU&google_cver=1

43 B
842 B

32ms
31ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEMPNs81EXk72yVW_YZQ5nGU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNURvAzI0FLHu996St7X85QZFenjDsnZjv99nIKwyf6FdYD4TXaAl3XljK7H0M3Icb3SwHap1nkD0ZYGyiRIAfmtfJHSbCXRF8aJFEYVAiRInMZ9sBuf6BlCoUfthXsySsHeS1pOIgwau9mJSo6OSTmqWeEZh4wa-CUqlhpv-uo0x5pQBSo

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:22 GMT
an-x-request-uuid: 62474e39-ba98-487b-8660-ab3b295572bc
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 37.58.58.251; 37.58.58.251; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEMPNs81EXk72yVW_YZQ5nGU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C44F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2MTAxNzg2NDI4ODg2NjAyNw%3D%3D

170 B
243 B

28ms
27ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2MTAxNzg2NDI4ODg2NjAyNw%3D%3D

Requested by

Protocol

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:22 GMT
an-x-request-uuid: 050ead51-96c6-47e1-ab57-fc950b1ee0d1
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzU2MTAxNzg2NDI4ODg2NjAyNw%3D%3D
x-proxy-origin: 37.58.58.251; 37.58.58.251; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D430 0
0 63ms
63ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230726&jk=3028226912030831&bg=!wMOlw5fNAAZGOVy5Zjk7ADkAdvg8Wp69h92vdt7yPcB4LmmTxvd2ggfi_-eLsTcEhkjdXKw23VzJQvKMpqMZXmT0_mgpgLSkvYkCAAAAg1IAAAANaAEHmQK09kK0Ec7osJYLsG9JqZpci7NwdnkX35DID9dn8F2I65UeyylzE0-NWJyTV6BuynzJYXYEB6k6rxCorEgh1QOuQIvXbYY430dtHzaJe5hdeI6yu568TQ46eNI5LvddE7jZA2my76-unU_kBlf5Y6MsoNi_XCR66YtxPT2_X9rYuAO9I-cLo-QrlaWNqUOEoFuBhcyiuMGWAOfVxaeKwhi2Kbbi-6QsfJcmqjuPOqcytGTfGjZNuyD4pt_abFLVra9LN07jH4yjhEw6Z-NTS2g5_J_IOvsVKej0SrExN8JCuIIPthBxVOldS_X3d_nLMuel0-vuO4cpzD3tLs7U3KzfWJr17vnfGt8L7zVLAQamvXBIr9wurW-tZhlEPxakNZXJlfoX958ZZrZ7ma7nXUKnqBeBXPsq2RlItSabYeFOZKwKLhOO_Z9NtF2zWVEf0FMzv9lPZjQNPj53_tqncGXVMRq2P50k7BY7OgUimGyzx6exg8dUW6Z54J41t5jMtMk4jao3DAteLEKzaTjEsHx6eYRMydvBiNAbQujmKgLxVt72evT2QtjzA8McSHzDOA7Tx_QIN7NwZwW4xkddAiyajkXB26SExQZs98vLoGVns0FOI64ChJovOL9xHibIXK1Pg_WW6hZo3mo6lzeFiu_p0oo2yzXRpnBwtkEzKQDY1X0Vd7cz6pzJgb5UeAQ8X-ggx4zMuVWoPyPg7qHku0U7s_hzKJQDsWgNcf7Z5U-TB6nhElZ0U8Fvk5hU_hRdCsfwezMEX1PEThzQX9goSqgnEpmt7n-LKzf5bLumkOELVCzIlwj3tZLF1UlnRPcEQAeKbEKpdeXAYzIDuYjynWdeDuKyZo7Qx2fR9VSmLXo4Rr08loWzK43iVV2LO3mSeRB9ZlFQYLs2EdRP19GhFKlLpTLET6w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pb.lihkg.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A67 0
20 B 59ms
59ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9221078515724&version=m202306200101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5A67 0
20 B 58ms
57ms Ping
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9221078515724&version=m202306200101&ct=77&x=1&cor=4711587023837794000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 5A67 15 KB
11 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxZ43UAW0Vl8j6Md-x0r06wwEMFZp_Ky6Fnr359oL-sTKLbm_xsWVZlpVutpqe153_DSlaq_R3WmgQqkd-PRfhaFp3ty7tf5RxTN3eZgCVRmhKjUtBwCD5M7lwiriWQ2yFpqaexNYlECzQirltUZlK7d_t3Bpkbg2Sbin9NSujy8QKDP8&cry=1&dbm_d=AKAmf-DF41CVi9ZJ_G8uCW36F37LuUZqA9iHtN2Z69AgmbFLlsUZ4aQVUO7PECZ7bRLnGbImhlIlSb5J7mCbx8d741UsFiQMyYCN9VE6-_tEtqBkPykICR1W5iuw_cabcjySTP6ItAkSGJ2IyaFj4A1M1UzcNBZCR67g6VjXtqe7o2h0ThMF3qqRph0MELVjhqT-CMSErjxPPuw44Zgk7uVEykdDP5wySAUR7_0B6ax61xk3JoLu7xpfS8rUjFKJOV-Q0TWGZoBLdXQP4DxN5JQ5vyCH8Ppc0fqBE1ivMB3ruOInxX6VnBRQWwjr0RrqqY6E6mvEqvbfEK3XUbmKiPgaEpgcpbZCUf7GBesVM24bec8gNIpH0BjKKoUKzCK1DFIKGHJlujl0ONhG621QV2J10e2gnsSLCN33hBLVz8wVC9_bJV4IW_Jcdwf6eCbgw9Kj0x_r8_5wsNlQCF97N85XZfYhoImv4zGK2oZN8ZpoOxhjYVco69I6dMiRM5D7LpqjU31W0NfmS-VMdPueuMi-jqjb4AmkW-G8BUrcT-nKr4a8NPOAYxqrU_9majf6Aa3_90ozj81uKP4NDXjCdk0v7Yavh_N9HqgN1qsEo16r5ck0HFBixKSF97SHKIJnRnx3EJDdGDbdK6AuCGK2QYHLY9nhTTNSl8NFm8UvY4VCruTYem_Zp6q7dEsdEHq0wIhU8Mk94TcgvZdRK1YuTe2RQBxO-2UlXRjkzzfa75wbJYClbGygJko4BYmMemra65lNFn7mjk6vmE3CEpXevMN7cSC0T5HWFsCMQ3zkLWLdLi4dz7rhVeVZ49P5VIfEguWagJ6NGkdZ2OHM4GCyCNGHu8ABhsBz-uff1cK4Ybq_hGK9enm5I529SOuAXUXVmPCs3n_5skbVvlq1-PS16mmiQU8_Bz0D8sCPomXtW986_7b9jKJ2J5-ROXklHLdtHsLxDb9VnqfvYGdI1iyehRFNqz2h_tuXuHXCDkbl53lBdpukHXWUFsIZpWnGoST6Kkuyqrg_cHSlMO21zkf-JqzbSWO483BztK7F-WfDTXCWUCeyrve8t7RWhwlmZfJwCYeRj5PrworJ7c2-xCt1CbcmxEx4LyGRwQksHD0f0ZDTru0eBThVXaGRRpFYty2mbZqRUnfW96A3BwpFrYZBiCm3_0t0VSyrolvlTxpZid0nuyXbP0A8Ct3IJw3MaQxPsf7w_w1_X5xdIxoxI76tLoPjNsGbgZF0P9ATqQltC_5fdeJXnbVTVnBPnX9WDxA9CEqwdlq7qIhCN3mjzf8o9LH9YNMvrSAtPiHV0udgVK0JT8lI_8wyuvCAz-QMgwdBfrebgtz6yM-frcFxcJysOTSXZFzMsaTdT-vud_LMAJXcN4ME1uePC5t293iVtIr0770HNedZFiGAwZBde3tftXpTrXX4UF94_93lLpqIOGZQ2a9f0C8ObgDM8OEZPEhrQYYRgJWneidozXQoQ5ScIAhpGk1o_ZeAs4YzBFEUIFAbTpQ9ozzXMJ4rA1YS6JuOADbEH31HE0YemH4jwd0YFA3Hg6ho4py14RbouhWDTPgI-TT4qnVh3ugcuqF3np2ykeUtSgzTQoVLXPKF8OJfvQ1rt28GSVF0okJWcX5evm_t79QL52gA5GwwRCpLfM-4CNhDZbSwpNfNg-UN3ZhAYxl-s5ElBLcxFCfWfWRBhJ8iLvd2ulLoU10qxzl7mpFksNPfaavf6QPhLsiywXak-HFtYNnm3XDBTIEIr7n_bV_h9A4ft1hWgMh5j_3ZKVVQxS5NQ4-BQXK6GBNhSoQeGXTBbnDGaEfsHCmZkMKyzkuMKDLpHBEaPGWtXCL5Vy3RN67BjOffJRyP34z9rnVb4dIi_fddEmPzJPnVcoac6oSYtPgMwawTNKyw5ZhBvAB9WJXyH6l7E89RD19JGQAgcw6ySUbEU2MjZRs9A_Y13AcuJjDKw334x9pS1I4zYZ6vzt-_5onST8ZUPTPDdI2cZtUzwcv7Dp3gA1M1iDbD3bLYlOqfT1pkTrd9EZwsy55ha_qtspN9OzJniC82qbt9ljPLqwZY8ifvcj4Zr3h-Vk0KEdn2nJQ4AMZHSBCUR_StAmdSrBvU5NZ-e4r_dFQ70SfuxrY2Ne6DDUxf1GW5op-B42aWEAaurnbyBYnpPOYj-w4hxQ02eFW0cueX8v7sWtsw9AHfOPF4i6F0btFP-oqidNnZ1JHtKm0JLiFQr_J9eG9Gtb0nojEm2iY8abrWIxE7JYDr1v4JVf6ptVZhNUseH9-vCur740WqoWUWYMo0bH9xu3Sy8MIplBJHZvjc701WhrkGJaKDOp6BXfINt3EX7_jCIjg-HJhX17snjXPysFCTxOWj4np_U8jzaoEFqLAcI35C0x4r7Rim7dtRk2YoCp928lzQVSYLwxWl6tyXcedrsXgN_6rzUNDV1o6wk8dA3OBuFSoqVa3NrbrDgWFbrhVECDqUiuF9naIMPAqSYglcrkn-cbWPvGIRZ19u_T_iXM02KhZdZ-zS6yvqKoxf0o2TLcbHy3PcbXn8Jf0p6fL0xAsvI3nxhHKROnJVsZWo2dJrj6spsWvqsmHF6Xc9UiawNjc95qvJC70dibcSuxQvVxCt5RAhOxisqqYaU5vvlJg-Rp5vdFjVffauUln84QU2la2iiP2NsRivq9NDM_25xXuH69_KGyFoi78L6CnWFaSl2D0dpNZrexCjCsUCyg-f1SyJ6voBqs4NOuglJ1cBMrY7SOllGWoq0NQDXZM5vDTrrxjMezPxyhPXcEzAPwy2gkXhqRPFi6I_vikHZfpZegQd33AffxDt_t9Obi54sdg7NpwrO0frlTXOuIcf6ExLLHQN1UUK55yQ1mzm-sBXPgmTwI4mQBj0V4P3P1c58dWsqyo6-gaTswGYpGn2v6-HlNJMzKRtMpPGNUNLU0wHKKWVSqt4U5NFMiL-NByLyYkLO2fUQ7IoBrQhDSt1XrYo6DnvFAqzlJnHawQN0MfXnNX_sWGQpeeHydYGCt9FMsPfb-iJG12ucvoQWszf-UKttUd2tKrGSp2CxV--YS9az-Sw2AEJlobi4Tvt5rKFNlF1B66445fEdyd18pu8VVjAbwXU6XlJp7Pa6d5nVTXPz-AJ9htbDCoO1Q7tftffrBIkgWNuI2cp04ySx9h-VYj0VXQ-3mgGmlfj2wINSxUZTX9_XF2YX-z-aGcGbJQ6ChxWZQCFnAGkcBY1o5hkmCNz2O5Z2s8huDCTdf1i9HS1f3MVPXox1VKvwdjZ2IdEcHHncITv2dR1tBFBPkhFeKjlYOCmNaBco71ho6MkNyKUdiHErccbDN9y0PpDuEYws-uAeAUFvY3xTibLPgsuZQZUxHFT-HfR58uGD2_SV2eYr1HqJIgjAZCyuQSszOsja_rARnKFL9eX3kKoWwGa2QK59Fo-d6IlGTtdWB6aGhDmSBWcFdJ4bhsrd6KSBJwrdgUJbAte_yOwuV8g1iZBgbPuNV1N4hPL84rHsOtnWbbWepBP7IbTY-c9gdUu-c0wMt4KWGb5gzxEeQ8OykPInRty21U0TKGvEoPYwLsn3uufD_StR38ZzJAs1dtqzL-iiNLpi_OPyHncdnZKolpXQCxaIOPULaAcaoz04SrUebDh3S3ShVjf&cid=CAQSPABpAlJWROCpX4nRjz69-J86dG4OiL-bdl2sqhFQhDEZjNhr_c_R3LX3LANR0EI23LrX5mfLmofBYSJXRxgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Flihkg.com&ds=l&xdt=1&iif=1&cor=4711587023837794000&adk=2124396030&idt=101&cac=0&dtd=14

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b6f81c31568843cd5a4ae37413b7b701390377b5e38c13028031b3d1a9e00a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1690614320639&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614320840&bpp=3&bdt=1422&idt=244&shv=r20230726&mjsv=m202307270201&ptt=9&saldr=aa&cookie=ID%3D90006be0ff5ee646-22b82cd402e30039%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g&gpic=UID%3D00000d2a2423f995%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw&correlator=2361311590456&frm=24&ife=1&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614321&ga_hid=1393956451&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=2503316152&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31076481%2C31076576%2C44788442&oid=2&pvsid=3028226912030831&tmod=1624674545&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.gt3e0rlw9fri&fsb=1&dtd=261
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11697
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5A67 41 KB
13 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AxZ43UAW0Vl8j6Md-x0r06wwEMFZp_Ky6Fnr359oL-sTKLbm_xsWVZlpVutpqe153_DSlaq_R3WmgQqkd-PRfhaFp3ty7tf5RxTN3eZgCVRmhKjUtBwCD5M7lwiriWQ2yFpqaexNYlECzQirltUZlK7d_t3Bpkbg2Sbin9NSujy8QKDP8&cry=1&dbm_d=AKAmf-DF41CVi9ZJ_G8uCW36F37LuUZqA9iHtN2Z69AgmbFLlsUZ4aQVUO7PECZ7bRLnGbImhlIlSb5J7mCbx8d741UsFiQMyYCN9VE6-_tEtqBkPykICR1W5iuw_cabcjySTP6ItAkSGJ2IyaFj4A1M1UzcNBZCR67g6VjXtqe7o2h0ThMF3qqRph0MELVjhqT-CMSErjxPPuw44Zgk7uVEykdDP5wySAUR7_0B6ax61xk3JoLu7xpfS8rUjFKJOV-Q0TWGZoBLdXQP4DxN5JQ5vyCH8Ppc0fqBE1ivMB3ruOInxX6VnBRQWwjr0RrqqY6E6mvEqvbfEK3XUbmKiPgaEpgcpbZCUf7GBesVM24bec8gNIpH0BjKKoUKzCK1DFIKGHJlujl0ONhG621QV2J10e2gnsSLCN33hBLVz8wVC9_bJV4IW_Jcdwf6eCbgw9Kj0x_r8_5wsNlQCF97N85XZfYhoImv4zGK2oZN8ZpoOxhjYVco69I6dMiRM5D7LpqjU31W0NfmS-VMdPueuMi-jqjb4AmkW-G8BUrcT-nKr4a8NPOAYxqrU_9majf6Aa3_90ozj81uKP4NDXjCdk0v7Yavh_N9HqgN1qsEo16r5ck0HFBixKSF97SHKIJnRnx3EJDdGDbdK6AuCGK2QYHLY9nhTTNSl8NFm8UvY4VCruTYem_Zp6q7dEsdEHq0wIhU8Mk94TcgvZdRK1YuTe2RQBxO-2UlXRjkzzfa75wbJYClbGygJko4BYmMemra65lNFn7mjk6vmE3CEpXevMN7cSC0T5HWFsCMQ3zkLWLdLi4dz7rhVeVZ49P5VIfEguWagJ6NGkdZ2OHM4GCyCNGHu8ABhsBz-uff1cK4Ybq_hGK9enm5I529SOuAXUXVmPCs3n_5skbVvlq1-PS16mmiQU8_Bz0D8sCPomXtW986_7b9jKJ2J5-ROXklHLdtHsLxDb9VnqfvYGdI1iyehRFNqz2h_tuXuHXCDkbl53lBdpukHXWUFsIZpWnGoST6Kkuyqrg_cHSlMO21zkf-JqzbSWO483BztK7F-WfDTXCWUCeyrve8t7RWhwlmZfJwCYeRj5PrworJ7c2-xCt1CbcmxEx4LyGRwQksHD0f0ZDTru0eBThVXaGRRpFYty2mbZqRUnfW96A3BwpFrYZBiCm3_0t0VSyrolvlTxpZid0nuyXbP0A8Ct3IJw3MaQxPsf7w_w1_X5xdIxoxI76tLoPjNsGbgZF0P9ATqQltC_5fdeJXnbVTVnBPnX9WDxA9CEqwdlq7qIhCN3mjzf8o9LH9YNMvrSAtPiHV0udgVK0JT8lI_8wyuvCAz-QMgwdBfrebgtz6yM-frcFxcJysOTSXZFzMsaTdT-vud_LMAJXcN4ME1uePC5t293iVtIr0770HNedZFiGAwZBde3tftXpTrXX4UF94_93lLpqIOGZQ2a9f0C8ObgDM8OEZPEhrQYYRgJWneidozXQoQ5ScIAhpGk1o_ZeAs4YzBFEUIFAbTpQ9ozzXMJ4rA1YS6JuOADbEH31HE0YemH4jwd0YFA3Hg6ho4py14RbouhWDTPgI-TT4qnVh3ugcuqF3np2ykeUtSgzTQoVLXPKF8OJfvQ1rt28GSVF0okJWcX5evm_t79QL52gA5GwwRCpLfM-4CNhDZbSwpNfNg-UN3ZhAYxl-s5ElBLcxFCfWfWRBhJ8iLvd2ulLoU10qxzl7mpFksNPfaavf6QPhLsiywXak-HFtYNnm3XDBTIEIr7n_bV_h9A4ft1hWgMh5j_3ZKVVQxS5NQ4-BQXK6GBNhSoQeGXTBbnDGaEfsHCmZkMKyzkuMKDLpHBEaPGWtXCL5Vy3RN67BjOffJRyP34z9rnVb4dIi_fddEmPzJPnVcoac6oSYtPgMwawTNKyw5ZhBvAB9WJXyH6l7E89RD19JGQAgcw6ySUbEU2MjZRs9A_Y13AcuJjDKw334x9pS1I4zYZ6vzt-_5onST8ZUPTPDdI2cZtUzwcv7Dp3gA1M1iDbD3bLYlOqfT1pkTrd9EZwsy55ha_qtspN9OzJniC82qbt9ljPLqwZY8ifvcj4Zr3h-Vk0KEdn2nJQ4AMZHSBCUR_StAmdSrBvU5NZ-e4r_dFQ70SfuxrY2Ne6DDUxf1GW5op-B42aWEAaurnbyBYnpPOYj-w4hxQ02eFW0cueX8v7sWtsw9AHfOPF4i6F0btFP-oqidNnZ1JHtKm0JLiFQr_J9eG9Gtb0nojEm2iY8abrWIxE7JYDr1v4JVf6ptVZhNUseH9-vCur740WqoWUWYMo0bH9xu3Sy8MIplBJHZvjc701WhrkGJaKDOp6BXfINt3EX7_jCIjg-HJhX17snjXPysFCTxOWj4np_U8jzaoEFqLAcI35C0x4r7Rim7dtRk2YoCp928lzQVSYLwxWl6tyXcedrsXgN_6rzUNDV1o6wk8dA3OBuFSoqVa3NrbrDgWFbrhVECDqUiuF9naIMPAqSYglcrkn-cbWPvGIRZ19u_T_iXM02KhZdZ-zS6yvqKoxf0o2TLcbHy3PcbXn8Jf0p6fL0xAsvI3nxhHKROnJVsZWo2dJrj6spsWvqsmHF6Xc9UiawNjc95qvJC70dibcSuxQvVxCt5RAhOxisqqYaU5vvlJg-Rp5vdFjVffauUln84QU2la2iiP2NsRivq9NDM_25xXuH69_KGyFoi78L6CnWFaSl2D0dpNZrexCjCsUCyg-f1SyJ6voBqs4NOuglJ1cBMrY7SOllGWoq0NQDXZM5vDTrrxjMezPxyhPXcEzAPwy2gkXhqRPFi6I_vikHZfpZegQd33AffxDt_t9Obi54sdg7NpwrO0frlTXOuIcf6ExLLHQN1UUK55yQ1mzm-sBXPgmTwI4mQBj0V4P3P1c58dWsqyo6-gaTswGYpGn2v6-HlNJMzKRtMpPGNUNLU0wHKKWVSqt4U5NFMiL-NByLyYkLO2fUQ7IoBrQhDSt1XrYo6DnvFAqzlJnHawQN0MfXnNX_sWGQpeeHydYGCt9FMsPfb-iJG12ucvoQWszf-UKttUd2tKrGSp2CxV--YS9az-Sw2AEJlobi4Tvt5rKFNlF1B66445fEdyd18pu8VVjAbwXU6XlJp7Pa6d5nVTXPz-AJ9htbDCoO1Q7tftffrBIkgWNuI2cp04ySx9h-VYj0VXQ-3mgGmlfj2wINSxUZTX9_XF2YX-z-aGcGbJQ6ChxWZQCFnAGkcBY1o5hkmCNz2O5Z2s8huDCTdf1i9HS1f3MVPXox1VKvwdjZ2IdEcHHncITv2dR1tBFBPkhFeKjlYOCmNaBco71ho6MkNyKUdiHErccbDN9y0PpDuEYws-uAeAUFvY3xTibLPgsuZQZUxHFT-HfR58uGD2_SV2eYr1HqJIgjAZCyuQSszOsja_rARnKFL9eX3kKoWwGa2QK59Fo-d6IlGTtdWB6aGhDmSBWcFdJ4bhsrd6KSBJwrdgUJbAte_yOwuV8g1iZBgbPuNV1N4hPL84rHsOtnWbbWepBP7IbTY-c9gdUu-c0wMt4KWGb5gzxEeQ8OykPInRty21U0TKGvEoPYwLsn3uufD_StR38ZzJAs1dtqzL-iiNLpi_OPyHncdnZKolpXQCxaIOPULaAcaoz04SrUebDh3S3ShVjf&cid=CAQSPABpAlJWROCpX4nRjz69-J86dG4OiL-bdl2sqhFQhDEZjNhr_c_R3LX3LANR0EI23LrX5mfLmofBYSJXRxgB&dv3_ver=m202306200101&rfl=https%3A%2F%2Flihkg.com&ds=l&xdt=1&iif=1&cor=4711587023837794000&adk=2124396030&idt=101&cac=0&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 05:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4834
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jul 2024 05:44:48 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 5A67 11 KB
4 KB 125ms
39ms Script
text/html 138.201.63.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1690614321275186&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx5PKMbrEZPLlEJKkkwPJiazQCKblvaBpvZOcp8kP8C4QASD-rZZQYJWyn4KwB8gBCakC5SMmYnF7sj6oAwHIA5sEqgT_AU_QtdLwXhFE049w7lfCBe1fKsQ9ytWjktQhE-rQlVcZ6nZBX-jOqNP5xPmyDF5eTs_MrRsLHbCvWYQKDaHaJcnnXI7hJPvEtltyZsWANcx9EQ7tswaxNzeVXCCMR7dl94FFNHs6gLGmiyDwIUtfyqUnjwVACctM-o1nfbHTYuueUOcrJIPMlChrXASyJfV_jGI2EfIWADlvTmNl9O9ME9f-jfLSZ29_cK0QadHZ19DGxuF42avib8VEtLEsStmC4xk4QPeikr6hcbslTSmgEyd4dJbCe-4YDz6R5bRziY_qB3lWnhAl_cu2T5m2spDOIEeP10CQDIwyoawckdOB3MAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWROCpX4nRjz69-J86dG4OiL-bdl2sqhFQhDEZjNhr_c_R3LX3LANR0EI23LrX5mfLmofBYSJXRxgB%26sig%3DAOD64_2weDBOYi2KpGxXBBv6FJwcVdEQWg%26client%3Dca-pub-1983042674979462%26dbm_c%3DAKAmf-CfXjMeSVWMs_Sb-Q3ITMBKc3gwN7pATlFqYSBorRd1fmfC-OkoQO_orS6ax1nrMLj5OCa6ITkY8_F4q-Abk5sgkw7R6xiFsk7jbL-bKvT_ol1g377SGLZsyKPl5Wl7K7wPC00thyQdRJrnYEdEdnasHjSMTj7_5SN1De4WStnR_Hx8xqc%26cry%3D1%26dbm_d%3DAKAmf-Anzbp2l4dHRIYYjUxc675-tfWMK_qLd-hfaVNOXBs6rhSW7YXyke5THG7avfHbo1_GHzCzxtrbdSdcWqxGeRytzUSajW4It_5t391IlOJ2OLXTuog2xqjQO3j0DPL8ooTinvJJ0B_EdMVJ6_KBBFMXV7BSXMya-8jfubiN9D3TV-EcUVp9O4OoIu7XIzK2h8Czpp9Q4n0HesRS4mX1a5FLtBatJzwQMBzGY37rw5Idm1yaOiJ56qGXphJpnKsgXLBSCka5EcaAb9sKkbcyDdv-7rDnborT2jiufZ2klZgkqtZR6mjsCKnp4Ipm-gSWT4daynuN4S_k-fVdLk8H6kuAzcowDtgIm4aHQPZaNVG1CU1vfxp1HNPR8KGnhCch2qTfxeva3d0glregpnhObUVG1IfIw3xnEBGzRvZ9d1I54V8-Swem5f0MmxNJ51wjIJUei04E8Cm9XOVWp0MY-ioG23XL-GITQzPRqu0rgv_9naEWu5vKkDVwtcaf1ouYOyInU9_f5z2ldAZfL-nRxDTqr5zp-Z4fLMJRPHaQvpbhpPk6AlU%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1690614320639&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614320840&bpp=3&bdt=1422&idt=244&shv=r20230726&mjsv=m202307270201&ptt=9&saldr=aa&cookie=ID%3D90006be0ff5ee646-22b82cd402e30039%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g&gpic=UID%3D00000d2a2423f995%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw&correlator=2361311590456&frm=24&ife=1&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614321&ga_hid=1393956451&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=2503316152&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31076481%2C31076576%2C44788442&oid=2&pvsid=3028226912030831&tmod=1624674545&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.gt3e0rlw9fri&fsb=1&dtd=261
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.145.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 1f8feb460ebd79b4e1d7333c978f7e18d339291cd73f86b361595fe807f2dd3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Date: Sat, 29 Jul 2023 07:05:22 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4130
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1F76 22 KB
8 KB 27ms
26ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 121803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 27 Jul 2023 21:15:19 GMT
expires: Fri, 26 Jul 2024 21:15:19 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F76 37 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exXNUSsPja7e8iu35jrfljSpibGDl_1pyv4-G5NBtGM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 22:08:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32232
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14592
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jul 2024 22:08:10 GMT

GET
H/1.1

200
OK

request.php Show response
hal900017.redintelligence.net/ Frame 5A67
Redirect Chain

https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a01ab4be45&subid=&uid=20a60d8606c8352d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a01ab4be45&subid=&uid=20a60d8606c8352d&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

406ms
96ms

Script
application/x-javascript

159.69.70.9

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a01ab4be45&subid=&uid=20a60d8606c8352d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx5PKMbrEZPLlEJKkkwPJiazQCKblvaBpvZOcp8kP8C4QASD-rZZQYJWyn4KwB8gBCakC5SMmYnF7sj6oAwHIA5sEqgT_AU_QtdLwXhFE049w7lfCBe1fKsQ9ytWjktQhE-rQlVcZ6nZBX-jOqNP5xPmyDF5eTs_MrRsLHbCvWYQKDaHaJcnnXI7hJPvEtltyZsWANcx9EQ7tswaxNzeVXCCMR7dl94FFNHs6gLGmiyDwIUtfyqUnjwVACctM-o1nfbHTYuueUOcrJIPMlChrXASyJfV_jGI2EfIWADlvTmNl9O9ME9f-jfLSZ29_cK0QadHZ19DGxuF42avib8VEtLEsStmC4xk4QPeikr6hcbslTSmgEyd4dJbCe-4YDz6R5bRziY_qB3lWnhAl_cu2T5m2spDOIEeP10CQDIwyoawckdOB3MAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWROCpX4nRjz69-J86dG4OiL-bdl2sqhFQhDEZjNhr_c_R3LX3LANR0EI23LrX5mfLmofBYSJXRxgB%26sig%3DAOD64_2weDBOYi2KpGxXBBv6FJwcVdEQWg%26client%3Dca-pub-1983042674979462%26dbm_c%3DAKAmf-CfXjMeSVWMs_Sb-Q3ITMBKc3gwN7pATlFqYSBorRd1fmfC-OkoQO_orS6ax1nrMLj5OCa6ITkY8_F4q-Abk5sgkw7R6xiFsk7jbL-bKvT_ol1g377SGLZsyKPl5Wl7K7wPC00thyQdRJrnYEdEdnasHjSMTj7_5SN1De4WStnR_Hx8xqc%26cry%3D1%26dbm_d%3DAKAmf-Anzbp2l4dHRIYYjUxc675-tfWMK_qLd-hfaVNOXBs6rhSW7YXyke5THG7avfHbo1_GHzCzxtrbdSdcWqxGeRytzUSajW4It_5t391IlOJ2OLXTuog2xqjQO3j0DPL8ooTinvJJ0B_EdMVJ6_KBBFMXV7BSXMya-8jfubiN9D3TV-EcUVp9O4OoIu7XIzK2h8Czpp9Q4n0HesRS4mX1a5FLtBatJzwQMBzGY37rw5Idm1yaOiJ56qGXphJpnKsgXLBSCka5EcaAb9sKkbcyDdv-7rDnborT2jiufZ2klZgkqtZR6mjsCKnp4Ipm-gSWT4daynuN4S_k-fVdLk8H6kuAzcowDtgIm4aHQPZaNVG1CU1vfxp1HNPR8KGnhCch2qTfxeva3d0glregpnhObUVG1IfIw3xnEBGzRvZ9d1I54V8-Swem5f0MmxNJ51wjIJUei04E8Cm9XOVWp0MY-ioG23XL-GITQzPRqu0rgv_9naEWu5vKkDVwtcaf1ouYOyInU9_f5z2ldAZfL-nRxDTqr5zp-Z4fLMJRPHaQvpbhpPk6AlU%26adurl%3D&documentReferer=https%3A%2F%2Fpb.lihkg.com%2F&ancestorOrigins=https%3A%2F%2Fpb.lihkg.com%2Chttps%3A%2F%2Flihkg.com&random=6642668692102&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1983042674979462&output=html&h=280&slotname=9106605872%2F5521398132&adk=4228253406&adf=3279755399&pi=t.ma~as.9106605872%2F55213981_&w=336&format=336x280&url=https%3A%2F%2Flihkg.com%2F&ea=0&region=ad-1690614320639&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690614320840&bpp=3&bdt=1422&idt=244&shv=r20230726&mjsv=m202307270201&ptt=9&saldr=aa&cookie=ID%3D90006be0ff5ee646-22b82cd402e30039%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g&gpic=UID%3D00000d2a2423f995%3AT%3D1690614319%3ART%3D1690614319%3AS%3DALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw&correlator=2361311590456&frm=24&ife=1&pv=2&ga_vid=1416592483.1690614319&ga_sid=1690614321&ga_hid=1393956451&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=288&ifk=2503316152&scr_x=-12245933&scr_y=-12245933&eid=44759926%2C44759842%2C44759875%2C31076481%2C31076576%2C44788442&oid=2&pvsid=3028226912030831&tmod=1624674545&uas=0&nvt=1&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C288&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.gt3e0rlw9fri&fsb=1&dtd=261
Protocol: HTTP/1.1
Server: 159.69.70.9 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 4ccd9349f5389b8a919b21b78a58b65ef25c20ec8be9b4b116e4fea03d8606b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 07:05:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 70673400020256804444994012400017
Connection: close
Content-Length: 1362
Expires: Sat, 29 Jul 2023 08:05:22 +0200

Redirect headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 07:05:22 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a01ab4be45&subid=&uid=20a60d8606c8352d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx5PKMbrEZPLlEJKkkwPJiazQCKblvaBpvZOcp8kP8C4QASD-rZZQYJWyn4KwB8gBCakC5SMmYnF7sj6oAwHIA5sEqgT_AU_QtdLwXhFE049w7lfCBe1fKsQ9ytWjktQhE-rQlVcZ6nZBX-jOqNP5xPmyDF5eTs_MrRsLHbCvWYQKDaHaJcnnXI7hJPvEtltyZsWANcx9EQ7tswaxNzeVXCCMR7dl94FFNHs6gLGmiyDwIUtfyqUnjwVACctM-o1nfbHTYuueUOcrJIPMlChrXASyJfV_jGI2EfIWADlvTmNl9O9ME9f-jfLSZ29_cK0QadHZ19DGxuF42avib8VEtLEsStmC4xk4QPeikr6hcbslTSmgEyd4dJbCe-4YDz6R5bRziY_qB3lWnhAl_cu2T5m2spDOIEeP10CQDIwyoawckdOB3MAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWROCpX4nRjz69-J86dG4OiL-bdl2sqhFQhDEZjNhr_c_R3LX3LANR0EI23LrX5mfLmofBYSJXRxgB%26sig%3DAOD64_2weDBOYi2KpGxXBBv6FJwcVdEQWg%26client%3Dca-pub-1983042674979462%26dbm_c%3DAKAmf-CfXjMeSVWMs_Sb-Q3ITMBKc3gwN7pATlFqYSBorRd1fmfC-OkoQO_orS6ax1nrMLj5OCa6ITkY8_F4q-Abk5sgkw7R6xiFsk7jbL-bKvT_ol1g377SGLZsyKPl5Wl7K7wPC00thyQdRJrnYEdEdnasHjSMTj7_5SN1De4WStnR_Hx8xqc%26cry%3D1%26dbm_d%3DAKAmf-Anzbp2l4dHRIYYjUxc675-tfWMK_qLd-hfaVNOXBs6rhSW7YXyke5THG7avfHbo1_GHzCzxtrbdSdcWqxGeRytzUSajW4It_5t391IlOJ2OLXTuog2xqjQO3j0DPL8ooTinvJJ0B_EdMVJ6_KBBFMXV7BSXMya-8jfubiN9D3TV-EcUVp9O4OoIu7XIzK2h8Czpp9Q4n0HesRS4mX1a5FLtBatJzwQMBzGY37rw5Idm1yaOiJ56qGXphJpnKsgXLBSCka5EcaAb9sKkbcyDdv-7rDnborT2jiufZ2klZgkqtZR6mjsCKnp4Ipm-gSWT4daynuN4S_k-fVdLk8H6kuAzcowDtgIm4aHQPZaNVG1CU1vfxp1HNPR8KGnhCch2qTfxeva3d0glregpnhObUVG1IfIw3xnEBGzRvZ9d1I54V8-Swem5f0MmxNJ51wjIJUei04E8Cm9XOVWp0MY-ioG23XL-GITQzPRqu0rgv_9naEWu5vKkDVwtcaf1ouYOyInU9_f5z2ldAZfL-nRxDTqr5zp-Z4fLMJRPHaQvpbhpPk6AlU%26adurl%3D&documentReferer=https%3A%2F%2Fpb.lihkg.com%2F&ancestorOrigins=https%3A%2F%2Fpb.lihkg.com%2Chttps%3A%2F%2Flihkg.com&random=6642668692102&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Sat, 29 Jul 2023 08:05:22 +0200

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F76 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfprtMrrEZK_SAc3QgQfUhp4oAAAAADgB4AQC&bg=!eXqlei7NAAZGOVy5Zjk7ADkAdvg8WlFQS1iDqNbFJu3_dvcZiIww9-egD-CnHd1mOAsLcy_74dk-1lgb6070QltAngG3cQzaF2oCAAAAUlIAAAAHaAEHCgBR2Ywj5oKNrumWcOI1Zwb1qtGz6sVbf2Lcrc466B2ZToLjh3MLD99XCU1HxpYF0Ju4CKyT-V6o7zPwfeS22k_gCccsPsudwYIoMsTKf0q8aTGImQLbAIW55BI_cuNGA89D8Qe8uwTZ1iD5-_BtShp_2LfOHy8w7H5v3E4aShyRVx61-5aGYATgjxr8XYdqb6gpXyks-PHhrxCnkV29nXzfFGF57crj1SoX3gPsnun4gjlw_ozti74fw1qWsJBeW9gOqtoIWCpqk-gBiBgShTosUZTPLCVWejaTFGaBxdgOkXQ4BKXjWGmQXxY4_lrZboHwXk1OA8cFaVWZBrSrrGKR-6Mpn_8_J5jLaqJy0MtYumb5yS9WX-HsNRTtq07LcNtwkRO73DJE5uBi5i9ctVUIc8NCqsKK0_qBghrDmSbOKIB19Fyj2n6CFIMarqj6V6gHHNGFm9TULN3yP1ZSWMJzV-p1O8BIRexbnKcc9gy0s_-tneIS9GijXjJhLM1aT4DDJvw5B54E8AkycP5u3ELl8SnbcA9tFX_BYTIUvYxRn4oM0YM2T7bxUq8LUeQx-RVCHCnKnCL2XZK2xxpQAhfao5WFQ-R83DUQFI9jMbcshkk6LIO3mzueDWtutlfVj9uSl-6nxH2jhcJQ9TqqL5ZmRqnJJR-k9izuRyzPIndHIwuVQAX16lnFzqQRD_Ht2XR0h9AQssYYUmYvv9-NpJW5vW-xvMybomn4J8lFbc0QPyK6_Yh0XDJVn2tDi0v6wanPpeVvDoImfbxTJFXOX3HjiTbO2U8iiz8zLqtrWCB7wRm5RsNx0bzr_EWtmYyRtDFzsz0U0oXd0QOk7FTVW7jGv-F_pfD4zfEGhriZeJDwov4l6ioGW8w3BjqkPFT0cqex90jE2kj-BWVUAJflnwbCcVhETZh7V4pgyAyxXydlOHbykNUiKlfC-XdySjpVrXFZizxaMvwe4i3Z6llEB0LbxzQrm9eqAAS1rCO8ozTAK213lYUDxbXLvvBdl7D7H0T6O_695shEktMT_xNhPpKDWuCM3gbbiWSkvopAbVtXdIFBojIlEWRQzSvun-3dqPI

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 29 Jul 2023 07:05:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame F72C 930 B
931 B 95ms
18ms Document
text/html 2a0b:4d07:102::1

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a01ab4be45&subid=&uid=20a60d8606c8352d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx5PKMbrEZPLlEJKkkwPJiazQCKblvaBpvZOcp8kP8C4QASD-rZZQYJWyn4KwB8gBCakC5SMmYnF7sj6oAwHIA5sEqgT_AU_QtdLwXhFE049w7lfCBe1fKsQ9ytWjktQhE-rQlVcZ6nZBX-jOqNP5xPmyDF5eTs_MrRsLHbCvWYQKDaHaJcnnXI7hJPvEtltyZsWANcx9EQ7tswaxNzeVXCCMR7dl94FFNHs6gLGmiyDwIUtfyqUnjwVACctM-o1nfbHTYuueUOcrJIPMlChrXASyJfV_jGI2EfIWADlvTmNl9O9ME9f-jfLSZ29_cK0QadHZ19DGxuF42avib8VEtLEsStmC4xk4QPeikr6hcbslTSmgEyd4dJbCe-4YDz6R5bRziY_qB3lWnhAl_cu2T5m2spDOIEeP10CQDIwyoawckdOB3MAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWROCpX4nRjz69-J86dG4OiL-bdl2sqhFQhDEZjNhr_c_R3LX3LANR0EI23LrX5mfLmofBYSJXRxgB%26sig%3DAOD64_2weDBOYi2KpGxXBBv6FJwcVdEQWg%26client%3Dca-pub-1983042674979462%26dbm_c%3DAKAmf-CfXjMeSVWMs_Sb-Q3ITMBKc3gwN7pATlFqYSBorRd1fmfC-OkoQO_orS6ax1nrMLj5OCa6ITkY8_F4q-Abk5sgkw7R6xiFsk7jbL-bKvT_ol1g377SGLZsyKPl5Wl7K7wPC00thyQdRJrnYEdEdnasHjSMTj7_5SN1De4WStnR_Hx8xqc%26cry%3D1%26dbm_d%3DAKAmf-Anzbp2l4dHRIYYjUxc675-tfWMK_qLd-hfaVNOXBs6rhSW7YXyke5THG7avfHbo1_GHzCzxtrbdSdcWqxGeRytzUSajW4It_5t391IlOJ2OLXTuog2xqjQO3j0DPL8ooTinvJJ0B_EdMVJ6_KBBFMXV7BSXMya-8jfubiN9D3TV-EcUVp9O4OoIu7XIzK2h8Czpp9Q4n0HesRS4mX1a5FLtBatJzwQMBzGY37rw5Idm1yaOiJ56qGXphJpnKsgXLBSCka5EcaAb9sKkbcyDdv-7rDnborT2jiufZ2klZgkqtZR6mjsCKnp4Ipm-gSWT4daynuN4S_k-fVdLk8H6kuAzcowDtgIm4aHQPZaNVG1CU1vfxp1HNPR8KGnhCch2qTfxeva3d0glregpnhObUVG1IfIw3xnEBGzRvZ9d1I54V8-Swem5f0MmxNJ51wjIJUei04E8Cm9XOVWp0MY-ioG23XL-GITQzPRqu0rgv_9naEWu5vKkDVwtcaf1ouYOyInU9_f5z2ldAZfL-nRxDTqr5zp-Z4fLMJRPHaQvpbhpPk6AlU%26adurl%3D&documentReferer=https%3A%2F%2Fpb.lihkg.com%2F&ancestorOrigins=https%3A%2F%2Fpb.lihkg.com%2Chttps%3A%2F%2Flihkg.com&random=6642668692102&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 -, , ASN (),
Reverse DNS
Software: keycdn-engine /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Sat, 29 Jul 2023 07:05:23 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Sat, 05 Aug 2023 07:05:23 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn-engine
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame EE2D 0
0

GET
H2 200 link.html
track.webgains.com/ Frame 5A67 2 KB
2 KB 203ms
104ms Script
text/html 3.9.91.156

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=2513145&wgcampaignid=99582&js=1&viewref=70673400020256804444994012400017&nw=1
Requested by: Host: lihkg.com
URL: https://lihkg.com/thread/3257982/page/1?ref=web&post=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.9.91.156 -, , ASN (),
Reverse DNS
Software: nginx / PHP/7.4.26
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:23 GMT
last-modified: Sat, 29 Jul 2023 07:05:23 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 29 Jul 2023 07:06:23 GMT

GET e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/epv/ Frame 5A67 0
0

GET e99aace94e6e58733936cdd965d03e75
pv.medialead.de/trck/eview/ Frame 5A67 0
0

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 5A67 43 B
702 B 179ms
100ms Image
image/gif 92.123.148.9

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2338577&v=11830&q=357066&r=296283&pref1=70673400020256804444994012400017&pv=1

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=a01ab4be45&subid=&uid=20a60d8606c8352d&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCx5PKMbrEZPLlEJKkkwPJiazQCKblvaBpvZOcp8kP8C4QASD-rZZQYJWyn4KwB8gBCakC5SMmYnF7sj6oAwHIA5sEqgT_AU_QtdLwXhFE049w7lfCBe1fKsQ9ytWjktQhE-rQlVcZ6nZBX-jOqNP5xPmyDF5eTs_MrRsLHbCvWYQKDaHaJcnnXI7hJPvEtltyZsWANcx9EQ7tswaxNzeVXCCMR7dl94FFNHs6gLGmiyDwIUtfyqUnjwVACctM-o1nfbHTYuueUOcrJIPMlChrXASyJfV_jGI2EfIWADlvTmNl9O9ME9f-jfLSZ29_cK0QadHZ19DGxuF42avib8VEtLEsStmC4xk4QPeikr6hcbslTSmgEyd4dJbCe-4YDz6R5bRziY_qB3lWnhAl_cu2T5m2spDOIEeP10CQDIwyoawckdOB3MAE64_8jvcD4AQDkAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBsBPMnNkS0BMA2BMDiBQB2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSPABpAlJWROCpX4nRjz69-J86dG4OiL-bdl2sqhFQhDEZjNhr_c_R3LX3LANR0EI23LrX5mfLmofBYSJXRxgB%26sig%3DAOD64_2weDBOYi2KpGxXBBv6FJwcVdEQWg%26client%3Dca-pub-1983042674979462%26dbm_c%3DAKAmf-CfXjMeSVWMs_Sb-Q3ITMBKc3gwN7pATlFqYSBorRd1fmfC-OkoQO_orS6ax1nrMLj5OCa6ITkY8_F4q-Abk5sgkw7R6xiFsk7jbL-bKvT_ol1g377SGLZsyKPl5Wl7K7wPC00thyQdRJrnYEdEdnasHjSMTj7_5SN1De4WStnR_Hx8xqc%26cry%3D1%26dbm_d%3DAKAmf-Anzbp2l4dHRIYYjUxc675-tfWMK_qLd-hfaVNOXBs6rhSW7YXyke5THG7avfHbo1_GHzCzxtrbdSdcWqxGeRytzUSajW4It_5t391IlOJ2OLXTuog2xqjQO3j0DPL8ooTinvJJ0B_EdMVJ6_KBBFMXV7BSXMya-8jfubiN9D3TV-EcUVp9O4OoIu7XIzK2h8Czpp9Q4n0HesRS4mX1a5FLtBatJzwQMBzGY37rw5Idm1yaOiJ56qGXphJpnKsgXLBSCka5EcaAb9sKkbcyDdv-7rDnborT2jiufZ2klZgkqtZR6mjsCKnp4Ipm-gSWT4daynuN4S_k-fVdLk8H6kuAzcowDtgIm4aHQPZaNVG1CU1vfxp1HNPR8KGnhCch2qTfxeva3d0glregpnhObUVG1IfIw3xnEBGzRvZ9d1I54V8-Swem5f0MmxNJ51wjIJUei04E8Cm9XOVWp0MY-ioG23XL-GITQzPRqu0rgv_9naEWu5vKkDVwtcaf1ouYOyInU9_f5z2ldAZfL-nRxDTqr5zp-Z4fLMJRPHaQvpbhpPk6AlU%26adurl%3D&documentReferer=https%3A%2F%2Fpb.lihkg.com%2F&ancestorOrigins=https%3A%2F%2Fpb.lihkg.com%2Chttps%3A%2F%2Flihkg.com&random=6642668692102&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

92.123.148.9 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 29 Jul 2023 07:05:23 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
H3 200 gtm.js
www.googletagmanager.com/ Frame F72C 117 KB
44 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45517
x-xss-protection: 0
last-modified: Sat, 29 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 29 Jul 2023 07:05:23 GMT

GET
H3 200 js
www.googletagmanager.com/gtag/ Frame F72C 168 KB
0 31ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Sat, 29 Jul 2023 07:05:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88869
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 29 Jul 2023 07:05:23 GMT

GET pvClk.min.js
analytics.webgains.io/ Frame 5A67 0
0

GET 1x1_0.png
cdn.track.production.webgains.team/7121/ Frame 5A67 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: gocm.c.appier.net
URL: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Domain: gocm.c.appier.net
URL: https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid

Domain: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=70673400020256804444994012400017&t=htlp&gdpr=1&consent=1&gdpr_consent=

Domain: pv.medialead.de
URL: https://pv.medialead.de/trck/epv/e99aace94e6e58733936cdd965d03e75?subid=70673400020256804444994012400017&t=htlp&gdpr=1&consent=1&gdpr_consent=

Domain: pv.medialead.de
URL: https://pv.medialead.de/trck/eview/e99aace94e6e58733936cdd965d03e75?subid=70673400020256804444994012400017&t=htlp&gdpr=1&consent=1&gdpr_consent=

Domain: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Domain: cdn.track.production.webgains.team
URL: https://cdn.track.production.webgains.team/7121/1x1_0.png?Expires=1690614623&Signature=jOh3IvVbgGU537jmEfSB87q-NqYApa3LPHtZSlH7qN7EfznXqNlX1dsuE7EzhKgCKK6kGlf2ruVF2a-gaex7J78V9~ZumXK2ETYyzSa-zh46hBw3pqQTldoR~j7EAGCy8WJhysKOBEKQPLqamdY6vKfVz9drtBEOLlQv5RNkrlnZYTpxqhBQdLuWsaEfOJ5QpXNIQqHoFWl4kK6s-pDXLVykItgBQuyHRzZpethICgT89~NvayHL1pUe4coPdN3WbNdD6Lfkf0w-TsENyIqyQs052WGjZfQxIZgg~BG6yA0wZUAeAtXaKd7qpelJNfveWZsDcQe9az0lBdzWEQUlCA__&Key-Pair-Id=K28VXAGA7VWE0O

Verdicts & Comments Add Verdict or Comment

62 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lihkg.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3kpk94gq4187lmc42qu2nc9rka
.lihkg.com/	1969-12-31 23:59:59	Name: __cfruid Value: 7b3beb9e9e8fc89217c7b2a0d6fed1630e6adaa6-1690614317
lihkg.com/	1970-01-20 14:20:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
adv.lihkg.com/	1969-12-31 23:59:59	Name: OAGEO Value: 2%7CDE%7CEU%7C1%7C%7C%7C51.2993%7C9.491%7C100%7CEurope%2FBerlin%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C%7C
.lihkg.com/	1970-01-20 22:22:30	Name: cf_clearance Value: Jhl9H4YOE_dMRSosUWXaD7t8oDQt.G4ybKpejow6cco-1690614318-0-0.2.1690614318
.lihkg.com/	1970-01-20 13:36:56	Name: __cf_bm Value: f4pmntET94xqZj3amp9d2aDzl.WEGl1_x1qESs8XtNI-1690614318-0-AcjPNIrTn/Mlp7LBclXrxSwCc2nKOo9b9gy/vs5Qgmr42Oi5W4X8da1obhF/2oEkn6ENSYH7W5kc2pPIl/dKCDA=
.lihkg.com/	1969-12-31 23:59:59	Name: _cfuvid Value: r3byJ_5ob61i2M7kVn55jBsnTi.CxW5ESfM4cfqa6dc-1690614318536-0-604800000
.lihkg.com/	1970-01-20 23:12:54	Name: _ga Value: GA1.1.1416592483.1690614319
.lihkg.com/	1970-01-20 23:12:54	Name: _ga_PPY9Z37CCJ Value: GS1.1.1690614319.1.1.1690614319.0.0.0
.lihkg.com/	1970-01-20 23:12:54	Name: _ga_L8WS4GS6YR Value: GS1.1.1690614319.1.0.1690614319.0.0.0
pb.lihkg.com/	1970-01-20 14:20:06	Name: _pbjs_userid_consent_data Value: 3524755945110770
.criteo.com/	1970-01-20 22:58:30	Name: uid Value: d9525643-e3a0-4e54-8ded-0a48d6b96c99
.lihkg.com/	1970-01-20 22:58:30	Name: __gads Value: ID=90006be0ff5ee646-22b82cd402e30039:T=1690614319:RT=1690614319:S=ALNI_Mbtt5_Bju-QC21UG9SMj_yn-BIh7g
.lihkg.com/	1970-01-20 22:58:30	Name: __gpi Value: UID=00000d2a2423f995:T=1690614319:RT=1690614319:S=ALNI_MbG6jYjK_MV8XlEnZfoQjCL9_FFkw
.lihkg.com/	1970-01-20 22:58:30	Name: cto_bundle Value: N2CQBl83bnBuVnU3aXhTclBrd2ZESXZXRFVkbnY4WTJSYVJxdFJTWTMxTlA3TjZmZTJla0VOSTdUTWFHMkM1N3VrdmkyRGpwdE1iZXYxWnBMWDdPRng3VEZ0QzFRSGhLY0o0OGdLN2tvT2RLdXJESzNtcFJqcyUyQjlWSVlhQWZWOXY4TDRPRzNVZnBzNEQlMkZoQWl0b2N1Uk5JVVhBJTNEJTNE
adv.lihkg.com/	1970-01-20 22:22:30	Name: OAID Value: acc5ff6517fd2a5f417bfb9662943e96
.doubleclick.net/	1970-01-20 22:58:30	Name: IDE Value: AHWqTUk3tcVrjk2VDG6MX2_ebxWZVKNaTN3h26dl_Ld-c4HDwCgXhWlqOEsP5K83yTU
.adnxs.com/	1970-01-20 15:46:30	Name: uuid2 Value: 3561017864288866027
.doubleclick.net/	1970-01-20 17:56:06	Name: APC Value: Aa3gxNoVR5k-SFhOHeHRDF74Wtql62448_xIthGpLY4NS-_wvulpxA
.casalemedia.com/	1970-01-20 15:46:30	Name: CMPS Value: 3214
.casalemedia.com/	1970-01-20 15:46:30	Name: CMPRO Value: 3214
.adnxs.com/	1970-01-20 15:46:30	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In5eV9T+!]tbPl1M>e)ZlrFUfJ+tGXxo]N:$V<Xpi)+aT_uCKcS'%XT>!I[8/<eTIwMJ3If)y3KL9D3I?+Wt.qOP
.casalemedia.com/	1970-01-20 22:22:30	Name: CMID Value: ZMS6MugFoGQXSGsLUyMowgAA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid.ad.smaato.net/oapi/prebid Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.sitemaji.com
ads.yap.yahoo.com
adv.lihkg.com
adv.office-partner.de
analytics.webgains.io
cdn.jsdelivr.net
cdn.lihkg.com
cdn.taboola.com
cdn.track.production.webgains.team
cm.g.doubleclick.net
cpm.bidmyqps.xyz
dsum-sec.casalemedia.com
fonts.googleapis.com
geo.yahoo.com
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900017.redintelligence.net
hb.aralego.com
ib.adnxs.com
img.youtube.com
lihkg.com
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.lihkg.com
prebid.ad.smaato.net
pv.medialead.de
region1.google-analytics.com
s.yimg.com
securepubads.g.doubleclick.net
static.cloudflareinsights.com
static.criteo.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
analytics.webgains.io
cdn.track.production.webgains.team
gocm.c.appier.net
pv.medialead.de
138.201.63.145
142.250.186.98
151.101.193.44
159.69.70.9
162.210.196.208
178.250.7.13
185.80.39.216
2001:4860:4802:34::36
2606:4700::6810:3865
2606:4700::6810:5514
2606:4700::6811:d6c1
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a02:2638:3::c
2a02:2638:d::2
2a0b:4d07:102::1
3.9.91.156
35.186.215.140
37.252.171.52
54.216.69.247
77.245.57.72
87.248.100.136
92.123.148.9
02a0b6400997740d58c56092b87da7db00fe4a88b9edbd0c4269b79aa3a1f8cf
0542027378b29bc1e3370b034352034b92460928fae4561033227b0dea2d7d04
05b2def23d36dec3b886f467a18f87326b5765e287d9b483f0b9b6812fa31bf9
08db44d1b93268a2f3b72a2af31bcf207d87714f0f766792c49ed4ccdd2a0e80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd8ed767fc6b46b1261f9394cca7c3fcae1b16f8cf21e4fdc9a5d5ca86ee8e3
0f631f231bee6defede8a2a442513beb65b14f35295c56bcaec1ef1a5a173b28
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1d533fa3a32a5a67dc45519a85bc430007e3c68bde21d01c5e67c2c8b3d4d2cf
1e91d94290d21c9d51d2312b29960fea194b5f9b00464735e0b888fbce02bfdb
1e9e9483dc8972e01d5f55bbade4cb00f0ad629dc73e7cfd1224ed2496108cc6
1f8feb460ebd79b4e1d7333c978f7e18d339291cd73f86b361595fe807f2dd3e
242b29a5976f86e5ee41348b262c1f227c542ab41b4d328058b2519dfe08c9ae
26dcad3ada09565d9d93453a45a22709b058f2939f2c4f04b49695e4fa7c27f7
2a461002f77d83338ab9aafd8bfd8cb6275f8f6af2ea6a4f8c040d2aad2130f9
2baf9a25c22e89a196e42843c0d547ad3cc326a2c1101c99d437817b831ef0b3
2ed2a584ee1368ea53d5ad19adcf8bd9aa9d260d1489a41f9ddcac11db82a4bb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a16c8535955ecab958f2479011fe6d736d69c415fca0f045c1ab5f6defb39cc
3aaebb44fa7aff9f07c039c9678ca52b7a5277c15af947834950663fa31b5da5
3b6f81c31568843cd5a4ae37413b7b701390377b5e38c13028031b3d1a9e00a7
3e442e12133be70b81aac4a5d9b8591cd53961725377aeddf150303fd09a5380
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
466d53eb08c836732a59053a7b6f8a8bb1c9e8993f7c59547b9fa3fdd7f1e725
4911d1cc42e734d7ff839ebecc749804c1fb675f2bd496074c87c32429e17b3e
4b1a46106fd1a1ddf039f102e746861c90f6da3b4065aa901362503654335467
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5c05892bdce212e19d0503253b600faaeedca47fa2db97964d412c8c11934e
4ccd9349f5389b8a919b21b78a58b65ef25c20ec8be9b4b116e4fea03d8606b5
4d8175a51150550ffadbc8f026e26b4d8f72a87cab9db27392e989fce4da662e
4da135a3863894c4e002bb2564dc96a454bc043081333239cdeb5d7f72252fa9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa8aec37baab1861e13ee19ef1e8f379572ed567a42cbc25af45cafd1c6a374
4fb66cda8a7f6b544f761bba57abfdadd810eece869cc49f5c4fdb97eda7271c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52d464416aeccece2ae987f18fec263f17e9c8fa42c998941032e1cfd955c1e0
54e7b1cc4755ea6a4fa765be965f7ed7c57e490d78d539a1f09f82f073e08618
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
570042377e4281fd5ac99894af8c69866b1ce3063ea5263669f45df8d75a3d50
5b7d1e63e50218b22558bc94b9d37faac51551fcdb29a7390226a6669d24d8de
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
637551b631d826463bf8048da378ca46f55452b18fa5a94c4e33002c9789232d
72795186d79266a416eec36df560ccb20892d2b66f8f051ff9f3b3307b72f4bc
762bcbf05290682af932b29ee3c54d675e80830af07d80f5ca365730ba318086
7b15cd512b0f8daedef22bb7e63adf9634a989b18397fd69cafe3e1b9341b463
7b3502df02b06b781c53f30f27391d732f6b5e93503eb0c82fb986d5b0490dcc
80049bc10543e0e2fe1fc1b66570855de11c11da2023d5a914c57330d0188ff1
8543eee7ce49564643fa813ae7f87accf93f9a845c8c14aa0eb75c93ec0174bb
8840205721bb9d6fc72feac61276d5d4a1534a5c6cd379f8bb499172b7295ba0
8a40fc44931813ecfe54e364b4796515e500588bb85397524efc745cc1859eba
8ecb4fb492aee0a820dfc4a395fb80e2ac2e864bbf38aa1ae28d6d70fb9e6da3
8f03b94344821d98d8d849415345f53de7c9eb39fe0e5b4862eb1067332d7d79
904a56dd8ea11f7ff3aee2ccb4200f2a6ff362ff646eca70b2a973dbfeec9821
945c70f5db956c7ad2b1ac095c2b9367bd455ce0f8c78af7acec31e4db7b0b59
94e2294df57e775b3da8a4dfeaf427c81efa2a05f808229fcdd4f12646d8a2c7
964783a75f5a7ecc32d48da45cc6025af80e263d6ba6530dc62cc25865b2eb00
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a40bc7c42a924ebfb7c0bc286872aca8d62d090c27977c8f216306a521369828
a58f822cee1ab4f7b39fae5dae406d8ee6e29c6b3da17bffb038a2fb7e9388f7
a9489aa651161142fcb3c34ba6bbd9afd3be3a7ed0f7d576e6747808b435d912
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15446e3681c3d6823e15277d551ae72cbe039cabfd9b3fe7566385d6949a4d2
b79061721d5bff6017244edfae8d759856428814d3e0a5c96ddf81c62fc1a778
bb102dd118baa664f3e341180820bf8daaf721a447a37b765d161fc54becf112
bb4d609b5c3a5aec790f8937ce65e69f35303ddbe39cf3588af7bed8ed2a437e
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c2c77a12e95f74162527f4457cd7348d4ed8533be5409222473bc7b74fd15a28
cdafe1bee6bd0dd0553a6bf2ae3bd42b96df231a0a8caaa4dbf44a20d721a833
cee916756cf22f66a662991d92ffe638736ba18fc64a137c64ea88ba15435e9b
cf600bccf97c9bb7ba13a4f0c6f12acb1c7974cb8d8eee6a18e3ec10b424b4cd
d18956c21464cd32c3ce93f61bbb47b3e24d58ca2680702c7c84a37cdbacc54e
d531ee353b2e628d0735cacda425a3000ab2da5481ea441980a576896e6bd427
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc608108001d4eb8499652edebc39a136bc140a9cff991a00b2587014ec28ced
e37efbbd9c8163c656be2228f1ae4bd48e55425ad6f399c8fbea9c3c85630aba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e829836e814d8fa0aad73ced4c6c3032c47b92e6312631d35d2ef94229a9ab3f
eb576e03eb610d3af28916b86aa93125748dd242d8449878ac22c61fe7dd9f4c
ebda714b0960b486684f8e18052d2eb1a7afb14dd5d1d87ebf705c1c4af06eb2
ee098897df3c6f95792830ecb2d723738f4f397aa5ca3695468330bfae26e9b4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e20d8f7e3ff4ac88bd039eca6b140ccfad3510688f02d77301b7f29ad6110e
fd9c4d4223ef299450bd46051c276889c4f1ac0ea3e509358f431102bb34f069
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

lihkg.com Open in urlscan Pro 2606:4700::6811:d6c1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

135 Requests

90 %HTTPS

58 %IPv6

31 Domains

40 Subdomains

34 IPs

6 Countries

2693 kBTransfer

9255 kBSize

23 Cookies

16 Outgoing links

Redirected requests

135 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lihkg.com Open in urlscan Pro
2606:4700::6811:d6c1 Public Scan

Screenshot
Live screenshot

Full Image

135
Requests

90 %
HTTPS

58 %
IPv6

31
Domains

40
Subdomains

34
IPs

6
Countries

2693 kB
Transfer

9255 kB
Size

23
Cookies

135 HTTP transactions
1 data transactions