pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Submission: On June 28 via api (June 28th 2024, 1:43:50 am UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 19 domains to perform 63 HTTP transactions. The main IP is 2606:4700::6812:323, located in United States and belongs to CLOUDFLARENET, US. The main domain is pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev.
TLS certificate: Issued by E1 on June 3rd 2024. Valid for: 3 months.

This is the only time pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Email (Online)

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700::68... 2606:4700::6812:323	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	195.80.159.133 195.80.159.133	29152 (DECKNET-AS) (DECKNET-AS)
8	121.254.216.63 121.254.216.63	3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation)
1	211.47.78.83 211.47.78.83	3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation)
9	45.120.70.166 45.120.70.166	3786 (LGDACOM L...) (LGDACOM LG DACOM Corporation)
4	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:400... 2a04:4e42:400::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:bdf::60 2620:1ec:bdf::60	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
4	142.250.186.131 142.250.186.131	15169 (GOOGLE) (GOOGLE)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 3	142.250.185.164 142.250.185.164	15169 (GOOGLE) (GOOGLE)
1	172.217.16.142 172.217.16.142	15169 (GOOGLE) (GOOGLE)
1 2	13.74.129.1 13.74.129.1	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	104.211.35.148 104.211.35.148	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
63	24

10 2606:4700::6812:323 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.80.159.133 (France)

ASN29152 (DECKNET-AS, FR)

l2.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 121.254.216.63 (Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)

www.hiworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.47.78.83 (Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)

static.gabia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 45.120.70.166 (Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)

static.hiworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.11.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.164 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.74.129.1 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.211.35.148 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

y.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	hiworks.com www.hiworks.com static.hiworks.com	344 KB
10	r2.dev pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev	24 KB
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3125 www.google.com — Cisco Umbrella Rank: 5	150 B
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 743 c.clarity.ms — Cisco Umbrella Rank: 1434 y.clarity.ms — Cisco Umbrella Rank: 11938	28 KB
4	google.de www.google.de — Cisco Umbrella Rank: 8088	253 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 136 googleads.g.doubleclick.net — Cisco Umbrella Rank: 70	509 B
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	370 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1286 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3406	31 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 224	764 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 133	2 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	274 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 204	4 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 381	1 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 469	30 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 268	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 816	24 KB
1	gabia.com static.gabia.com	45 KB
1	l2.io l2.io — Cisco Umbrella Rank: 208697	230 B
63	19

	Domain	Requested by
10	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
9	static.hiworks.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
8	www.hiworks.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev www.hiworks.com
4	www.google.de	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
4	www.googletagmanager.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev www.googletagmanager.com
3	www.google.com	1 redirects pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
3	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
3	region1.analytics.google.com	www.googletagmanager.com
2	y.clarity.ms	www.clarity.ms
2	c.clarity.ms	1 redirects
2	www.clarity.ms	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev www.clarity.ms
1	c.bing.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	www.facebook.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
1	connect.facebook.net	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
1	cdn.jsdelivr.net	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
1	stackpath.bootstrapcdn.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
1	ajax.googleapis.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
1	maxcdn.bootstrapcdn.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
1	cdnjs.cloudflare.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
1	code.jquery.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
1	static.gabia.com	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
1	l2.io	pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
63	25

This site contains links to these domains. Also see Links.

Domain
www.hiworks.com
customer.gabia.com

Subject Issuer	Validity	Valid
*.r2.dev E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
l2.io R3	`2024-05-04` - `2024-08-02`	3 months	crt.sh
*.hiworks.com GlobalSign RSA OV SSL CA 2018	`2023-06-27` - `2024-07-28`	a year	crt.sh
*.gabia.com GlobalSign RSA OV SSL CA 2018	`2024-05-09` - `2025-06-10`	a year	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-05-25` - `2024-08-23`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-04-06` - `2024-07-05`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-12-07` - `2024-12-07`	a year	crt.sh
*.googleadservices.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Frame ID: C4B0A11B72CEE055DA0B91519B507923
Requests: 63 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

하이웍스 - 시장 점유율 1위 클라우드 그룹웨어

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

63
Requests

97 %
HTTPS

50 %
IPv6

19
Domains

25
Subdomains

24
IPs

7
Countries

932 kB
Transfer

2374 kB
Size

18
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hiworks.com/

Search URL Search Domain Scan URL

URL: https://customer.gabia.com/manuals/detail.php?seq_no=2802
Title: 자세히보기

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035763160/?random=1985299402&cv=11&fst=1719539025184&bg=ffffff&guid=ON&async=1&gtm=45be46q0z8810811039za201zb810811039&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&label=75y1CM7wk5MBENj78e0D&hn=www.googleadservices.com&frm=0&tiba=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&value=0&npa=1&pscdl=noapi&auid=1685273388.1719539025&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&eitems=ChAI8Jv0swYQkKmO9IyBqZFpEh0AbikSPHzHVShwRdZ4JuB-hTyfB_XdQU5itZbpLg&pscrd=IhMI0K6chpb9hgMVO4eDBx0dGQFRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6NGh0dHBzOi8vcHViLTgxOGRlYmFhZTdlYzRhOGNiZDgyM2Y3YjliY2E2ZTIxLnIyLmRldi8 HTTP 302
https://www.google.com/pagead/1p-conversion/1035763160/?random=1985299402&cv=11&fst=1719539025184&bg=ffffff&guid=ON&async=1&gtm=45be46q0z8810811039za201zb810811039&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&label=75y1CM7wk5MBENj78e0D&hn=www.googleadservices.com&frm=0&tiba=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&value=0&npa=1&pscdl=noapi&auid=1685273388.1719539025&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI0K6chpb9hgMVO4eDBx0dGQFRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6NGh0dHBzOi8vcHViLTgxOGRlYmFhZTdlYzRhOGNiZDgyM2Y3YjliY2E2ZTIxLnIyLmRldi8&is_vtc=1&cid=CAQSGwDaQooLfd2pE1B2tqyJrhu6MWemwBIL1TYx1w&eitems=ChAI8Jv0swYQkKmO9IyBqZFpEh0AbikSPHVbHEGbj1Fz_TUnvG7I-_g7GekOy-uIGg&random=3494884549 HTTP 302
https://www.google.de/pagead/1p-conversion/1035763160/?random=1985299402&cv=11&fst=1719539025184&bg=ffffff&guid=ON&async=1&gtm=45be46q0z8810811039za201zb810811039&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&label=75y1CM7wk5MBENj78e0D&hn=www.googleadservices.com&frm=0&tiba=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&value=0&npa=1&pscdl=noapi&auid=1685273388.1719539025&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI0K6chpb9hgMVO4eDBx0dGQFRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6NGh0dHBzOi8vcHViLTgxOGRlYmFhZTdlYzRhOGNiZDgyM2Y3YjliY2E2ZTIxLnIyLmRldi8&is_vtc=1&cid=CAQSGwDaQooLfd2pE1B2tqyJrhu6MWemwBIL1TYx1w&eitems=ChAI8Jv0swYQkKmO9IyBqZFpEh0AbikSPHVbHEGbj1Fz_TUnvG7I-_g7GekOy-uIGg&random=3494884549&ipr=y

Request Chain 57

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C33662161BA144178B28B76CC195EE9F&RedC=c.clarity.ms&MXFR=32D6018D14CE6C9F0DE0152110CE6255 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C33662161BA144178B28B76CC195EE9F&MUID=2582D4FEED506E77014DC052EC826F55

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Hiworkss.html Show response
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/ 23 KB
24 KB 195ms
73ms Document
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dcdb907804632d4cd2da6661b9bff6aba4fd9c12e2c37e8ff3b075f3a2ee96b1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

Accept-Ranges: bytes
CF-RAY: 89a9fc989e8ebb8f-FRA
Connection: keep-alive
Content-Length: 24006
Content-Type: text/html
Date: Fri, 28 Jun 2024 01:43:34 GMT
ETag: "25dfac5051ec8c4967b3a95b98f2a286"
Last-Modified: Mon, 27 May 2024 10:16:29 GMT
Server: cloudflare
Vary: Accept-Encoding

GET
H/1.1 200
OK ip.js Show response
l2.io/ 26 B
230 B 187ms
43ms Script
text/html 195.80.159.133
DECKNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://l2.io/ip.js?var=userip
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 195.80.159.133 , France, ASN29152 (DECKNET-AS, FR),
Reverse DNS
Software: Apache/2.4.38 (Debian) /
Resource Hash: 67a140b853b91bede1f5837eb1b3cf835514a2696cdedd275fc94f19ba7d2ac7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: Apache/2.4.38 (Debian)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 26
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK common.css
www.hiworks.com/static/css/ 21 KB
21 KB 2066ms
295ms Stylesheet
text/css 121.254.216.63
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hiworks.com/static/css/common.css?v=0.2
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.216.63 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: 53f0d8525c947b6cbfbfc47d1a962dad8fa756ca45ff30475af055b8f73f9221

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:36 GMT
Last-Modified: Wed, 20 Jun 2018 02:18:19 GMT
Server: Apache
ETag: "1d808f1-5357-56f09698a08e0"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 21335

GET
H/1.1 200
OK style.css
www.hiworks.com/static/css/ 114 KB
114 KB 1187ms
297ms Stylesheet
text/css 121.254.216.63
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hiworks.com/static/css/style.css?v=0.5
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.216.63 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: 196ee3ccfd2a6296c42e44b0960d4ce7719da379c37e0373bc36f8e412294f8d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:35 GMT
Last-Modified: Tue, 30 Aug 2022 11:17:29 GMT
Server: Apache
ETag: "1d80947-1c61d-5e773869f0cb8"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 116253

GET
H/1.1 200
OK font-awesome.min.css
static.gabia.com/libs/font-awesome/5.0.8/ 45 KB
45 KB 1169ms
288ms Stylesheet
text/css 211.47.78.83
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.gabia.com/libs/font-awesome/5.0.8/font-awesome.min.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 211.47.78.83 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 32ef7444bb3ba6453ee7bbc8e535da39c5296db6bdb5edf815eaff58a4d5106a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:35 GMT
last-modified: Mon, 17 Jun 2024 04:48:54 GMT
server: nginx/1.18.0
etag: "666fc036-b204"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 45572
expires: Sun, 28 Jul 2024 01:43:35 GMT

GET
H/1.1 200
OK market.css
www.hiworks.com/static/css/ 47 KB
47 KB 2697ms
545ms Stylesheet
text/css 121.254.216.63
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hiworks.com/static/css/market.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.216.63 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: 45c9f545bb04a5eecc32933469ca87ed4d27d7eaf0e8c9a4f6584d7132fa6ba8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:36 GMT
Last-Modified: Wed, 19 Aug 2020 11:47:44 GMT
Server: Apache
ETag: "1d8099f-ba54-5ad399262b5c8"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 47700

GET
H/1.1 200
OK market_new.css
www.hiworks.com/static/css/ 15 KB
15 KB 1199ms
296ms Stylesheet
text/css 121.254.216.63
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hiworks.com/static/css/market_new.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.216.63 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: 4c6382c6a40fefa4507c77f1856b9c39fdfdd62c3cdd4bdf4a4f851c936a4378

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:35 GMT
Last-Modified: Thu, 01 Aug 2019 01:00:10 GMT
Server: Apache
ETag: "1d8099e-3cb7-58f03c375ac00"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 15543

GET
H/1.1 200
OK style_charge.css
www.hiworks.com/static/css/ 3 KB
3 KB 1181ms
292ms Stylesheet
text/css 121.254.216.63
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hiworks.com/static/css/style_charge.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.216.63 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: 7010c1639834ecbd93cf215e3814748d1b24a583d3979e7babba722e0c4addf5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:35 GMT
Last-Modified: Fri, 18 Nov 2016 17:24:45 GMT
Server: Apache
ETag: "1d8095f-b65-54196950b5140"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 2917

GET
H/1.1 200
OK style_sass.css
www.hiworks.com/static/css/ 47 KB
48 KB 1216ms
303ms Stylesheet
text/css 121.254.216.63
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hiworks.com/static/css/style_sass.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.216.63 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: 0b5371e67db946ceb53078ef77bd1f0c8be8d0bf93f7cb2468e8ffb3557af87d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:35 GMT
Last-Modified: Tue, 30 Aug 2022 11:17:10 GMT
Server: Apache
ETag: "1d8092c-bde5-5e773857e6e00"
Content-Type: text/css
Connection: close
Accept-Ranges: bytes
Content-Length: 48613

GET
H/1.1 200
OK common.css
static.hiworks.com/www/static/css/ 20 KB
6 KB 1177ms
304ms Stylesheet
text/css 45.120.70.166
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hiworks.com/www/static/css/common.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.120.70.166 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx /
Resource Hash: 8bb0cc5911df076e765d29cc9caaf9f4da046d423c3f8ec4dd997a7d5ea7cb9a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 09:25:31 GMT
server: nginx
etag: W/"667a8d0b-5183"
transfer-encoding: chunked
content-type: text/css
access-control-allow-origin: *

GET
H/1.1 200
OK style.css
static.hiworks.com/www/static/css/ 110 KB
29 KB 1464ms
590ms Stylesheet
text/css 45.120.70.166
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hiworks.com/www/static/css/style.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.120.70.166 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx /
Resource Hash: fef4fe749d5926f8074bbb5cde301c3bcde657cfac5d5e8314a346eb2375af51

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 09:25:31 GMT
server: nginx
etag: W/"667a8d0b-1b867"
transfer-encoding: chunked
content-type: text/css
access-control-allow-origin: *

GET
H/1.1 200
OK lbd_layout.css
static.hiworks.com/www/static/css/ 6 KB
2 KB 1184ms
294ms Stylesheet
text/css 45.120.70.166
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hiworks.com/www/static/css/lbd_layout.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.120.70.166 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx /
Resource Hash: 0803739eebc841d24307a82d07fe51c1f1994ae5fbf8fc432bb73a993371ce85

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 09:25:31 GMT
server: nginx
etag: W/"667a8d0b-173f"
transfer-encoding: chunked
content-type: text/css
access-control-allow-origin: *

GET
H/1.1 200
OK style_new.css
static.hiworks.com/www/static/css/ 116 KB
24 KB 1450ms
574ms Stylesheet
text/css 45.120.70.166
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hiworks.com/www/static/css/style_new.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.120.70.166 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx /
Resource Hash: 3f6724db67af53c7cb922786a627014c8302e44f9ed8e7d8a41674df90387d1d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 09:25:32 GMT
server: nginx
etag: W/"667a8d0c-1cf86"
transfer-encoding: chunked
content-type: text/css
access-control-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 324 KB
109 KB 103ms
40ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N86L2GL

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9eac722b95245b2e289d0d3441c3acd940b4d6ae274ed42c9c439653883e38e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:34 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110856
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 01:43:34 GMT

GET
H/1.1 404
Not Found jquery-1.11.3.min.js
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ 0
0 61ms
57ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/jquery-1.11.3.min.js
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 89a9fc992ef6bb8f-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found owl.carousel.js
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ 0
0 112ms
67ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/owl.carousel.js
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 89a9fc9968e571d1-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found ui.js
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ 0
0 119ms
72ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ui.js?v=2019010401
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 89a9fc996c393a85-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found jquery.gabiaui-1.9.js
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ 0
0 115ms
66ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/jquery.gabiaui-1.9.js
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 89a9fc9969ad1c20-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found Agreement.js
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ 0
0 120ms
69ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/Agreement.js?v=20180117
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 89a9fc997e2818f9-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found Ajax.js
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ 0
0 137ms
87ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/Ajax.js
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 89a9fc997b5f9764-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found Down.js
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ 0
0 133ms
73ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/Down.js?v=20190607
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 89a9fc998f27bb8f-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found arr_wrong_office_id_js
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/office/ 0
0 234ms
52ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/office/arr_wrong_office_id_js
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 89a9fc9a4d4a4db5-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 404
Not Found Member.js
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ 0
0 241ms
59ms Script
text/html 2606:4700::6812:323
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/Member.js?v=201904173
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:323 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:34 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 89a9fc9a4de3996e-FRA
Content-Length: 27242
Vary: Accept-Encoding
Content-Type: text/html

GET
H/1.1 200
OK logo.png
www.hiworks.com/static/images/ 4 KB
4 KB 1849ms
301ms Image
image/png 121.254.216.63
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hiworks.com/static/images/logo.png
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.216.63 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: 4e25b0c44d9c4c5fa5a6786fa2124a250c159889a0c8f5dbddd9e07cbe3e1a3c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:37 GMT
Last-Modified: Thu, 25 Jun 2020 06:18:40 GMT
Server: Apache
ETag: "d427ee-fcb-5a8e2904ef068"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 4043

GET
H2 200 jquery-3.2.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 82ms
22ms Script
application/javascript 2a04:4e42:400::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.slim.min.js
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:34 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4821636
x-cache: HIT, HIT
content-length: 23856
x-served-by: cache-lga21963-LGA, cache-fra-etou8220059-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1719539015.642884,VS0,VE0
etag: W/"28feccc0-10fdd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 13, 18760

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 127ms
30ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 636873
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wWDGBDA%2BQOnBKSFfOEErVL2DC2KW%2BaSJYuEZnERtZSt%2BvF8DDV2nNkgVgHcDpGyTaknNvK0hoFP4G%2F4mEhqEYVLurKecYq0jFVpIqUUePoSvCp33XYAWky3mQE%2BxScdQnOq%2FH8LaeM2OXI9tV0E7biOs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 89a9fc9a580a2bb4-FRA
expires: Wed, 18 Jun 2025 01:43:34 GMT

GET
H3 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
15 KB 64ms
33ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.11.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1048
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 169108
cdn-cachedat: 03/18/2024 12:46:36
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ca11653092a378f42d317566a3dd7a48
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 89a9fc9a8a971a7d-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 80ms
23ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 20:27:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18984
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 20:27:10 GMT

GET
H3 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
16 KB 69ms
39ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 9181347
cdn-cachedat: 11/15/2021 23:30:00
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 89a9fc9a8c5d974e-FRA
cdn-requestpullsuccess: True

GET
H2 200 jquery.session.min.js Show response
cdn.jsdelivr.net/npm/jquery.session@1.0.0/ 2 KB
1 KB 78ms
21ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/jquery.session@1.0.0/jquery.session.min.js

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jun 2024 01:43:34 GMT
x-content-type-options: nosniff
content-encoding: br
age: 1873804
x-jsd-version: 1.0.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 840
x-served-by: cache-fra-etou8220115-FRA
x-jsd-version-type: version
etag: W/"91d-mUGbC+S4VCL/hIcOVNvYpS3G2rE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK common.css
static.hiworks.com/www/static/css/ 20 KB
0 991ms
991ms Stylesheet
text/css 45.120.70.166
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hiworks.com/www/static/css/common.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.120.70.166 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx /
Resource Hash: 8bb0cc5911df076e765d29cc9caaf9f4da046d423c3f8ec4dd997a7d5ea7cb9a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 28 Jun 2024 01:43:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 09:25:31 GMT
server: nginx
etag: W/"667a8d0b-5183"
content-type: text/css

GET
H/1.1 200
OK style.css
static.hiworks.com/www/static/css/ 110 KB
0 1282ms
1282ms Stylesheet
text/css 45.120.70.166
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hiworks.com/www/static/css/style.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.120.70.166 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx /
Resource Hash: fef4fe749d5926f8074bbb5cde301c3bcde657cfac5d5e8314a346eb2375af51

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 28 Jun 2024 01:43:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 09:25:31 GMT
server: nginx
etag: W/"667a8d0b-1b867"
content-type: text/css

GET
H/1.1 200
OK lbd_layout.css
static.hiworks.com/www/static/css/ 6 KB
0 998ms
998ms Stylesheet
text/css 45.120.70.166
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hiworks.com/www/static/css/lbd_layout.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.120.70.166 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx /
Resource Hash: 0803739eebc841d24307a82d07fe51c1f1994ae5fbf8fc432bb73a993371ce85

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 28 Jun 2024 01:43:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 09:25:31 GMT
server: nginx
etag: W/"667a8d0b-173f"
content-type: text/css

GET
H/1.1 200
OK style_new.css
static.hiworks.com/www/static/css/ 116 KB
0 1263ms
1263ms Stylesheet
text/css 45.120.70.166
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hiworks.com/www/static/css/style_new.css
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.120.70.166 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx /
Resource Hash: 3f6724db67af53c7cb922786a627014c8302e44f9ed8e7d8a41674df90387d1d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 28 Jun 2024 01:43:35 GMT
content-encoding: gzip
last-modified: Tue, 25 Jun 2024 09:25:32 GMT
server: nginx
etag: W/"667a8d0c-1cf86"
content-type: text/css

GET
H/1.1 200
OK style_sass.css
www.hiworks.com/static/css/ 47 KB
0 0ms
0ms Stylesheet
text/css 121.254.216.63
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hiworks.com/static/css/style_sass.css
Requested by: Host: www.hiworks.com
URL: https://www.hiworks.com/static/css/style.css?v=0.5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 121.254.216.63 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: Apache /
Resource Hash: 0b5371e67db946ceb53078ef77bd1f0c8be8d0bf93f7cb2468e8ffb3557af87d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://www.hiworks.com/static/css/style.css?v=0.5
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 28 Jun 2024 01:43:35 GMT
Last-Modified: Tue, 30 Aug 2022 11:17:10 GMT
Server: Apache
Accept-Ranges: bytes
ETag: "1d8092c-bde5-5e773857e6e00"
Content-Length: 48613
Content-Type: text/css

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
106 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BTDKH3XK25&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86L2GL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0bec267b7b189ecacc1004c8ccc91239d50ddf52a00bd614c6df4a6d06a8dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108218
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 28 Jun 2024 01:43:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 195 KB
71 KB 40ms
40ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48097933-4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86L2GL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2df21d4d5ea0931483f7b64a6045ccc93af27dd8832374425c0e718079bb4b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72344
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 01:43:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 76ms
21ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86L2GL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jun 2024 01:41:01 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 164
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 28 Jun 2024 03:41:01 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 239 KB
85 KB 49ms
49ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1035763160&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N86L2GL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5f07a4a555c9dd0e6bb0008d5a02b524bdc47a53247b636d92c45a8b6fb87002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 86976
x-xss-protection: 0
last-modified: Fri, 28 Jun 2024 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 Jun 2024 01:43:45 GMT

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
4 KB 65ms
20ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

755e64f124de018685cf0ecbc213e60c7908fa89c71f10791a938716eee50403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 28 Jun 2024 01:43:45 GMT
content-md5: gYVWZgEalLRCsG7gbtDo5w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2166
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=18, rtx=0, c=12, mss=1297, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: C+xPFIgqTipKrbcURhFagBlHdVFyW3T9GQ09iyj7Z8j+s4SCDEvfRIa0tsIt6Nb4b+CZfsIZqMsQW88ZjS3akw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4f42a0b8dff3690776e9bba7f3e45d52
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "15f0049db1eff42eb8bb32c91b14bc46"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Fri, 28 Jun 2024 02:00:26 GMT

GET
H2 200 guhcjh2doh Show response
www.clarity.ms/tag/ 1004 B
1 KB 208ms
113ms Script
application/x-javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/guhcjh2doh
Requested by: Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: b8e2af4ab470c80b9f5b7c5ed4e0f5f036fa0b414e654e000e17b698c61b1f8f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: -1
date: Fri, 28 Jun 2024 01:43:45 GMT
x-azure-ref: 20240628T014345Z-178b74c58859t227te7trw260000000003qg00000000apdn
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 1004
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 64ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1645390249013563&ev=PixelInitialized&dl=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&rl=&if=false&ts=1719539025172

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=19, rtx=0, c=10, mss=1297, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 28 Jun 2024 01:43:45 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/1035763160/ 3 KB
2 KB 90ms
40ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1035763160/?random=1719539025184&cv=11&fst=1719539025184&bg=ffffff&guid=ON&async=1&gtm=45be46q0z8810811039za201zb810811039&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&label=75y1CM7wk5MBENj78e0D&hn=www.googleadservices.com&frm=0&tiba=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&value=0&bttype=purchase&npa=1&pscdl=noapi&auid=1685273388.1719539025&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-1035763160&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

fecc15b7da5858bcc9457188fcb27e74b5f495f9fe316031ac6e2b4614bf4780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1820
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 84ms
30ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BTDKH3XK25&gtm=45je46q0v884007829z8810811039za200zb810811039&_p=1719539025063&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2038191741.1719539025&ecid=797926358&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&sid=1719539025&sct=1&seg=0&dl=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&dt=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&_s=1&tfd=10869&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BTDKH3XK25&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 83ms
30ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BTDKH3XK25&gtm=45je46q0v884007829z8810811039za200zb810811039&_p=1719539025063&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2038191741.1719539025&ecid=797926358&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=2&sid=1719539025&sct=1&seg=0&dl=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&dt=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=10870&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BTDKH3XK25&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 89ms
30ms Ping
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BTDKH3XK25&cid=2038191741.1719539025&gtm=45je46q0v884007829z8810811039za200zb810811039&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BTDKH3XK25&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 67ms
31ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BTDKH3XK25&cid=2038191741.1719539025&gtm=45je46q0v884007829z8810811039za200zb810811039&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=1192333603

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
227 B 30ms
28ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1385930264&t=pageview&_s=1&dl=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&ul=de-de&de=UTF-8&dt=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAgEABAAAAACAAI~&jid=1329570870&gjid=1081341122&cid=2038191741.1719539025&tid=UA-48097933-4&_gid=329186431.1719539025&_slc=1&gtm=45He46q0n81N86L2GLv810811039za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&npa=1&z=885979773

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
368 B 63ms
29ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48097933-4&cid=2038191741.1719539025&jid=1329570870&gjid=1081341122&_gid=329186431.1719539025&npa=1&_u=YCDAgEABAAAAAGAAI~&z=1676330713

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jun 2024 01:43:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
69 B 29ms
28ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1385930264&t=pageview&_s=1&dl=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&ul=de-de&de=UTF-8&dt=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAAUABAAAAAGAAI~&jid=207281038&gjid=1409794274&cid=2038191741.1719539025&tid=UA-48097933-4&_gid=329186431.1719539025&_r=1&gtm=457e46q0z8810811039za200zb810811039&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&jsscut=1&npa=1&z=1386664815

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1035763160/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1035763160/?random=1985299402&cv=11&fst=1719539025184&bg=ffffff&guid=ON&async=1&gtm=45be46q0z8810811039za201zb810811039&gcd=13l3l3l2...
https://www.google.com/pagead/1p-conversion/1035763160/?random=1985299402&cv=11&fst=1719539025184&bg=ffffff&guid=ON&async=1&gtm=45be46q0z8810811039za201zb810811039&gcd=13l3l3l2l1&dma_cps=sypham&dma...
https://www.google.de/pagead/1p-conversion/1035763160/?random=1985299402&cv=11&fst=1719539025184&bg=ffffff&guid=ON&async=1&gtm=45be46q0z8810811039za201zb810811039&gcd=13l3l3l2l1&dma_cps=sypham&dma=...

42 B
64 B

39ms
39ms

Image
image/gif

142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1035763160/?random=1985299402&cv=11&fst=1719539025184&bg=ffffff&guid=ON&async=1&gtm=45be46q0z8810811039za201zb810811039&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&label=75y1CM7wk5MBENj78e0D&hn=www.googleadservices.com&frm=0&tiba=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&value=0&npa=1&pscdl=noapi&auid=1685273388.1719539025&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI0K6chpb9hgMVO4eDBx0dGQFRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6NGh0dHBzOi8vcHViLTgxOGRlYmFhZTdlYzRhOGNiZDgyM2Y3YjliY2E2ZTIxLnIyLmRldi8&is_vtc=1&cid=CAQSGwDaQooLfd2pE1B2tqyJrhu6MWemwBIL1TYx1w&eitems=ChAI8Jv0swYQkKmO9IyBqZFpEh0AbikSPHVbHEGbj1Fz_TUnvG7I-_g7GekOy-uIGg&random=3494884549&ipr=y

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1035763160/?random=1985299402&cv=11&fst=1719539025184&bg=ffffff&guid=ON&async=1&gtm=45be46q0z8810811039za201zb810811039&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&label=75y1CM7wk5MBENj78e0D&hn=www.googleadservices.com&frm=0&tiba=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&value=0&npa=1&pscdl=noapi&auid=1685273388.1719539025&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=SA&capi=1&fmt=3&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECSixldmVudC1zb3VyY2UsIHRyaWdnZXIsIG5vdC1uYXZpZ2F0aW9uLXNvdXJjZVoDCgEBYgQKAgID&pscrd=IhMI0K6chpb9hgMVO4eDBx0dGQFRMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6NGh0dHBzOi8vcHViLTgxOGRlYmFhZTdlYzRhOGNiZDgyM2Y3YjliY2E2ZTIxLnIyLmRldi8&is_vtc=1&cid=CAQSGwDaQooLfd2pE1B2tqyJrhu6MWemwBIL1TYx1w&eitems=ChAI8Jv0swYQkKmO9IyBqZFpEh0AbikSPHVbHEGbj1Fz_TUnvG7I-_g7GekOy-uIGg&random=3494884549&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 31ms
31ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-48097933-4&cid=2038191741.1719539025&jid=207281038&gjid=1409794274&_gid=329186431.1719539025&npa=1&_u=YCDAAUABAAAAAGAAI~&z=24480690

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 28 Jun 2024 01:43:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.32/ 61 KB
26 KB 54ms
54ms Script
application/javascript 2620:1ec:bdf::60
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.32/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/guhcjh2doh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:45 GMT
content-encoding: br
last-modified: Fri, 10 May 2024 17:30:20 GMT
etag: W/"0x8DC7116DE09E645"
vary: Accept-Encoding
x-azure-ref: 20240628T014345Z-178b74c58859t227te7trw260000000003qg00000000apdr
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 7c86e424-301e-0000-396b-c62edb000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28
x-fd-int-roxy-purgeid: 51562430

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 85ms
36ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48097933-4&cid=2038191741.1719539025&jid=1329570870&npa=1&_u=YCDAgEABAAAAAGAAI~&z=696142613

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 36ms
34ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48097933-4&cid=2038191741.1719539025&jid=1329570870&npa=1&_u=YCDAgEABAAAAAGAAI~&z=696142613

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 84ms
36ms Image
image/gif 142.250.185.164
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48097933-4&cid=2038191741.1719539025&jid=207281038&npa=1&_u=YCDAAUABAAAAAGAAI~&z=856569037

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.164 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 42ms
40ms Image
image/gif 142.250.186.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-48097933-4&cid=2038191741.1719539025&jid=207281038&npa=1&_u=YCDAAUABAAAAAGAAI~&z=856569037

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 26ms
26ms Image
image/gif 172.217.16.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1385930264&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&ul=de-de&de=UTF-8&dt=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=1uecfb4&_u=aDDAgUABAAAAAGAAI~&jid=&gjid=&cid=2038191741.1719539025&tid=UA-48097933-4&_gid=329186431.1719539025&gtm=45He46q0n81N86L2GLv810811039za200&gcd=13l3l3l2l1&dma_cps=sypham&dma=1&tag_exp=0&cd3=https%3A%2F%2Fclarity.microsoft.com%2Fga%2Fguhcjh2doh%2F1omrf8w%2F1uecfb4&npa=1&z=896193893

Requested by

Host: pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Thu, 27 Jun 2024 15:50:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35568
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=C33662161BA144178B28B76CC195EE9F&RedC=c.clarity.ms&MXFR=32D6018D14CE6C9F0DE0152110CE6255
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C33662161BA144178B28B76CC195EE9F&MUID=2582D4FEED506E77014DC052EC826F55

42 B
442 B

55ms
54ms

Image
image/gif

13.74.129.1
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C33662161BA144178B28B76CC195EE9F&MUID=2582D4FEED506E77014DC052EC826F55
Protocol: H2
Server: 13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
last-modified: Tue, 25 Jun 2024 19:30:12 GMT
server: Microsoft-IIS/10.0
etag: "7473f1936c7da1:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:45 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D92C130179814A93BCA171F7A5BB2C74 Ref B: FRAEDGE2010 Ref C: 2024-06-28T01:43:45Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=C33662161BA144178B28B76CC195EE9F&MUID=2582D4FEED506E77014DC052EC826F55
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
307 B 354ms
113ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
Date: Fri, 28 Jun 2024 01:43:45 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

GET
H/1.1 200
OK favicon.ico
static.hiworks.com/www/static/images/favicon/ 31 KB
32 KB 570ms
570ms Other
image/x-icon 45.120.70.166
LGDACOM LG DACOM ...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.hiworks.com/www/static/images/favicon/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 45.120.70.166 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software: nginx /
Resource Hash: 644f0911d30b968d2d35e92e9225253012b358fac7f6005e756a9ddb84498679

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 28 Jun 2024 01:43:45 GMT
last-modified: Tue, 25 Jun 2024 09:25:32 GMT
server: nginx
accept-ranges: bytes
etag: "667a8d0c-7d26"
content-length: 32038
content-type: image/x-icon

POST
H/1.1 204
No Content collect Show response
y.clarity.ms/ 0
307 B 114ms
114ms XHR
text/plain 104.211.35.148
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://y.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.32/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.211.35.148 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/x-clarity-gzip
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Access-Control-Allow-Origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
Date: Fri, 28 Jun 2024 01:43:46 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:dfa4d45a-f309-4181-9ede-77e6e6c0ecf0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 29ms
28ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BTDKH3XK25&gtm=45je46q0v884007829za200zb810811039&_p=1719539025063&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=2038191741.1719539025&ecid=797926358&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=3&sid=1719539025&sct=1&seg=0&dl=https%3A%2F%2Fpub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev%2FHiworkss.html&dt=%ED%95%98%EC%9D%B4%EC%9B%8D%EC%8A%A4%20-%20%EC%8B%9C%EC%9E%A5%20%EC%A0%90%EC%9C%A0%EC%9C%A8%201%EC%9C%84%20%ED%81%B4%EB%9D%BC%EC%9A%B0%EB%93%9C%20%EA%B7%B8%EB%A3%B9%EC%9B%A8%EC%96%B4&en=scroll&epn.percent_scrolled=90&_et=8&tfd=15878&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BTDKH3XK25&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 28 Jun 2024 01:43:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Email (Online)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/	1970-01-20 23:48:35	Name: _gcl_au Value: 1.1.1685273388.1719539025
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/	1970-01-20 21:38:59	Name: __session:0.3864935219206007: Value: https:
.pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/	1970-01-21 07:14:59	Name: _ga_BTDKH3XK25 Value: GS1.1.1719539025.1.0.1719539025.60.0.797926358
.pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/	1970-01-21 07:14:59	Name: _ga Value: GA1.3.2038191741.1719539025
.pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/	1970-01-20 21:40:25	Name: _gid Value: GA1.3.329186431.1719539025
.pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/	1970-01-20 21:38:59	Name: _dc_gtm_UA-48097933-4 Value: 1
.pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/	1970-01-20 21:38:59	Name: _gat_gtag_UA_48097933_4 Value: 1
www.clarity.ms/	1970-01-21 06:24:35	Name: CLID Value: 8a077cb85c9a4940aea0636adc64354c.20240628.20250628
.doubleclick.net/	1970-01-20 21:38:59	Name: test_cookie Value: CheckForPermission
.pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/	1970-01-21 06:24:35	Name: _clck Value: 1omrf8w%7C2%7Cfn0%7C0%7C1640
.pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/	1970-01-20 21:40:25	Name: _clsk Value: 1uecfb4%7C1719539025832%7C1%7C1%7Cy.clarity.ms%2Fcollect
.bing.com/	1970-01-21 07:00:35	Name: MUID Value: 2582D4FEED506E77014DC052EC826F55
.c.bing.com/	1970-01-20 21:49:03	Name: MR Value: 0
.c.bing.com/	1970-01-21 07:00:35	Name: SRM_B Value: 2582D4FEED506E77014DC052EC826F55
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 07:00:35	Name: MUID Value: 2582D4FEED506E77014DC052EC826F55
.c.clarity.ms/	1970-01-20 21:49:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 21:38:59	Name: ANONCHK Value: 0

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/jquery-1.11.3.min.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/owl.carousel.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/jquery.gabiaui-1.9.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/ui.js?v=2019010401 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/Agreement.js?v=20180117 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/Down.js?v=20190607 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/Ajax.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
rendering	warning	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html(Line 7) Message: The key "user-scaleable" is not recognized and ignored.
network	error	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/office/arr_wrong_office_id_js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/static/js/Member.js?v=201904173 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
recommendation	verbose	URL: https://pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev/Hiworkss.html Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.bing.com
c.clarity.ms
cdn.jsdelivr.net
cdnjs.cloudflare.com
code.jquery.com
connect.facebook.net
googleads.g.doubleclick.net
l2.io
maxcdn.bootstrapcdn.com
pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev
region1.analytics.google.com
stackpath.bootstrapcdn.com
static.gabia.com
static.hiworks.com
stats.g.doubleclick.net
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.hiworks.com
y.clarity.ms
104.18.10.207
104.18.11.207
104.211.35.148
121.254.216.63
13.74.129.1
142.250.181.226
142.250.185.164
142.250.186.131
142.250.186.66
172.217.16.142
195.80.159.133
2001:4860:4802:32::36
211.47.78.83
2606:4700::6811:190e
2606:4700::6812:323
2620:1ec:bdf::60
2620:1ec:c11::237
2a00:1450:4001:806::2008
2a00:1450:4001:810::200e
2a00:1450:4001:82a::200a
2a00:1450:400c:c07::9b
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:400::485
2a04:4e42:400::649
45.120.70.166
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0803739eebc841d24307a82d07fe51c1f1994ae5fbf8fc432bb73a993371ce85
0b5371e67db946ceb53078ef77bd1f0c8be8d0bf93f7cb2468e8ffb3557af87d
196ee3ccfd2a6296c42e44b0960d4ce7719da379c37e0373bc36f8e412294f8d
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2df21d4d5ea0931483f7b64a6045ccc93af27dd8832374425c0e718079bb4b06
32ef7444bb3ba6453ee7bbc8e535da39c5296db6bdb5edf815eaff58a4d5106a
3f6724db67af53c7cb922786a627014c8302e44f9ed8e7d8a41674df90387d1d
45c9f545bb04a5eecc32933469ca87ed4d27d7eaf0e8c9a4f6584d7132fa6ba8
4c6382c6a40fefa4507c77f1856b9c39fdfdd62c3cdd4bdf4a4f851c936a4378
4e25b0c44d9c4c5fa5a6786fa2124a250c159889a0c8f5dbddd9e07cbe3e1a3c
53f0d8525c947b6cbfbfc47d1a962dad8fa756ca45ff30475af055b8f73f9221
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5ba7b351020430e304e1c38988858e13690202831484697551e56fed5826004e
5f07a4a555c9dd0e6bb0008d5a02b524bdc47a53247b636d92c45a8b6fb87002
644f0911d30b968d2d35e92e9225253012b358fac7f6005e756a9ddb84498679
67a140b853b91bede1f5837eb1b3cf835514a2696cdedd275fc94f19ba7d2ac7
7010c1639834ecbd93cf215e3814748d1b24a583d3979e7babba722e0c4addf5
755e64f124de018685cf0ecbc213e60c7908fa89c71f10791a938716eee50403
76ad6584ac5bdd459939dc7532fae7c2bdd8e22d773ff16d2306f42a1ffc569c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bb0cc5911df076e765d29cc9caaf9f4da046d423c3f8ec4dd997a7d5ea7cb9a
9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a9eac722b95245b2e289d0d3441c3acd940b4d6ae274ed42c9c439653883e38e
b8e2af4ab470c80b9f5b7c5ed4e0f5f036fa0b414e654e000e17b698c61b1f8f
dcdb907804632d4cd2da6661b9bff6aba4fd9c12e2c37e8ff3b075f3a2ee96b1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0bec267b7b189ecacc1004c8ccc91239d50ddf52a00bd614c6df4a6d06a8dbc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fecc15b7da5858bcc9457188fcb27e74b5f495f9fe316031ac6e2b4614bf4780
fef4fe749d5926f8074bbb5cde301c3bcde657cfac5d5e8314a346eb2375af51

pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev Open in urlscan Pro 2606:4700::6812:323 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

63 Requests

97 %HTTPS

50 %IPv6

19 Domains

25 Subdomains

24 IPs

7 Countries

932 kBTransfer

2374 kBSize

18 Cookies

2 Outgoing links

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pub-818debaae7ec4a8cbd823f7b9bca6e21.r2.dev Open in urlscan Pro
2606:4700::6812:323 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

97 %
HTTPS

50 %
IPv6

19
Domains

25
Subdomains

24
IPs

7
Countries

932 kB
Transfer

2374 kB
Size

18
Cookies

63 HTTP transactions
0 data transactions