urlscan.io logo urlscan.io
SecurityTrails logo

inews.hket.com Open in urlscan Pro
118.143.30.223  Public Scan

Go To Rescan Add Verdict Report
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Submission: On January 18 via api from TR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 5 countries across 50 domains to perform 307 HTTP transactions. The main IP is 118.143.30.223, located in Central, Hong Kong and belongs to HUTCHISON-AS-AP HGC Global Communications Limited, HK. The main domain is inews.hket.com. The Cisco Umbrella rank of the primary domain is 306827.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 9th 2022. Valid for: a year.
This is the only time inews.hket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 118.143.30.223 9304 (HUTCHISON...)
13 2600:9000:206... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
27 2a00:1450:400... 15169 (GOOGLE)
8 65.9.66.92 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
37 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 118.143.30.165 9304 (HUTCHISON...)
9 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
16 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f12... 32934 (FACEBOOK)
1 143.204.23.90 16509 (AMAZON-02)
1 3 143.204.215.7 16509 (AMAZON-02)
2 99.86.240.114 16509 (AMAZON-02)
8 2a00:1450:400... 15169 (GOOGLE)
26 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.222.214.13 16509 (AMAZON-02)
1 143.204.215.65 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
1 34.107.214.50 396982 (GOOGLE-CL...)
1 16.163.89.66 ()
2 2600:1901:0:7... ()
20 2606:4700:20:... 13335 (CLOUDFLAR...)
2 142.250.181.226 ()
1 2a02:26f0:f70... ()
2 34.117.33.6 ()
1 1 34.91.62.186 ()
3 24 142.250.185.226 ()
2 52.223.40.198 ()
1 98.98.134.243 ()
1 1 35.190.0.66 ()
2 2 52.212.129.166 ()
1 2 51.89.9.254 ()
2 4 23.203.125.36 ()
4 2a02:26f0:11a... ()
1 2 2620:116:800d... ()
1 2a02:fa8:8806... ()
2 2 151.101.2.49 ()
1 1 2a05:d018:d29... ()
3 3 213.155.156.180 ()
3 3 216.52.2.39 ()
2 2a00:1450:400... ()
2 2a00:1450:400... ()
1 2 2606:4700::68... ()
4 4 185.64.190.78 ()
1 1 18.156.0.31 ()
1 35.244.174.68 ()
2 2 104.111.217.14 ()
1 35.227.252.103 ()
1 1 69.173.144.138 ()
2 2 104.18.33.19 ()
3 69.16.175.10 ()
2 3.83.62.214 ()
1 2606:4700:20:... ()
2 213.254.244.25 ()
1 2a02:26f0:f70... ()
4 2606:4700:20:... ()
2 13.32.28.197 ()
307 55
1    118.143.30.223 (Central, Hong Kong)

ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)
inews.hket.com
13    2600:9000:206f:200:19:debb:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static01-proxy.hket.com
7    2a00:1450:4001:801::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
27    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
8    65.9.66.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-92.fra56.r.cloudfront.net
static04.hket.com
2    2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
37    2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    118.143.30.165 (Central, Hong Kong)

ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)
inlog01.hket.com
9    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
2    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
16    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
851367f547691d98e6d8be48752e6c5a.safeframe.googlesyndication.com
e1056743d6f65dd29dd2bd1d16e6e1d2.safeframe.googlesyndication.com
6    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    143.204.23.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-23-90.bog50.r.cloudfront.net
static.hotjar.com
3    143.204.215.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-7.fra53.r.cloudfront.net
sb.scorecardresearch.com
2    99.86.240.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-240-114.vie50.r.cloudfront.net
viselb01.hket.com
8    2a00:1450:400d:80e::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
26    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:400c:c0b::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.222.214.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-13.fra56.r.cloudfront.net
script.hotjar.com
1    143.204.215.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-65.fra53.r.cloudfront.net
vars.hotjar.com
10    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    34.107.214.50 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.214.107.34.bc.googleusercontent.com
sm1.selectmedia.asia
1    16.163.89.66 (None, )

ASN- ()
dw.hketgroup.com
2    2600:1901:0:76b9:: (None, )

ASN- ()
prod-rtb.ad4mat.net
20    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    142.250.181.226 (None, )

ASN- ()
googleads4.g.doubleclick.net
1    2a02:26f0:f700:4::212:4f0d (None, )

ASN- ()
tg1.selectmedia.asia
2    34.117.33.6 (None, )

ASN- ()
track-selectmedia.com
1    34.91.62.186 (None, )

ASN- ()
um.simpli.fi
24    142.250.185.226 (None, )

ASN- ()
cm.g.doubleclick.net
2    52.223.40.198 (None, )

ASN- ()
match.adsrvr.org
1    98.98.134.243 (None, )

ASN- ()
pixel-sync.sitescout.com
1    35.190.0.66 (None, )

ASN- ()
ads.travelaudience.com
2    52.212.129.166 (None, )

ASN- ()
match.360yield.com
2    51.89.9.254 (None, )

ASN- ()
onetag-sys.com
4    23.203.125.36 (None, )

ASN- ()
sync.teads.tv
4    2a02:26f0:11a::217:9a8a (None, )

ASN- ()
cdn.doubleverify.com
2    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (None, )

ASN- ()
cms.quantserve.com
1    2a02:fa8:8806:16::1400 (None, )

ASN- ()
dclk-match.dotomi.com
2    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    2a05:d018:d29:3605:dde3:6cb:7910:6ee0 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
3    213.155.156.180 (None, )

ASN- ()
d5p.de17a.com
3    216.52.2.39 (None, )

ASN- ()
ap.lijit.com
2    2a00:1450:4001:830::2002 (None, )

ASN- ()
adservice.google.de
2    2a00:1450:4001:801::200a (None, )

ASN- ()
ajax.googleapis.com
2    2606:4700::6812:18ad (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
4    185.64.190.78 (None, )

ASN- ()
image6.pubmatic.com
1    18.156.0.31 (None, )

ASN- ()
ups.analytics.yahoo.com
1    35.244.174.68 (None, )

ASN- ()
id.rlcdn.com
2    104.111.217.14 (None, )

ASN- ()
e.dlx.addthis.com
1    35.227.252.103 (None, )

ASN- ()
rtb.openx.net
1    69.173.144.138 (None, )

ASN- ()
pixel.rubiconproject.com
2    104.18.33.19 (None, )

ASN- ()
ssum-sec.casalemedia.com
3    69.16.175.10 (None, )

ASN- ()
player.aniview.com
rtbpass-us.andbeyond.media
2    3.83.62.214 (None, )

ASN- ()
track1.aniview.com
1    2606:4700:20::681a:71b (None, )

ASN- ()
static-de.ad4mat.net
2    213.254.244.25 (None, )

ASN- ()
tps.doubleverify.com
1    2a02:26f0:f700:4::212:4f0e (None, )

ASN- ()
play.selectmedia.asia
4    2606:4700:20::ac43:4a81 (None, )

ASN- ()
ad4m.at
2    13.32.28.197 (None, )

ASN- ()
c.amazon-adsystem.com
Apex Domain
Subdomains		 Transfer
56 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
pubads.g.doubleclick.net — Cisco Umbrella Rank: 418
stats.g.doubleclick.net — Cisco Umbrella Rank: 75
googleads4.g.doubleclick.net
cm.g.doubleclick.net
ad.doubleclick.net Failed
623 KB
49 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 108
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 156
851367f547691d98e6d8be48752e6c5a.safeframe.googlesyndication.com
e1056743d6f65dd29dd2bd1d16e6e1d2.safeframe.googlesyndication.com
332 KB
37 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
484 KB
26 hket.com
inews.hket.com — Cisco Umbrella Rank: 306827
static01-proxy.hket.com — Cisco Umbrella Rank: 138862
static04.hket.com — Cisco Umbrella Rank: 294663
inlog01.hket.com — Cisco Umbrella Rank: 283234
viselb01.hket.com — Cisco Umbrella Rank: 166244
plus.hket.com Failed
1 MB
24 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 28836
ad4m.at
assets.ad4m.at
812 KB
12 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 70
55 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
483 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 22
region1.google-analytics.com — Cisco Umbrella Rank: 2439
21 KB
6 doubleverify.com
cdn.doubleverify.com
tps.doubleverify.com
223 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 114
31 KB
5 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 153
332 KB
4 aniview.com
player.aniview.com
track1.aniview.com
go1.aniview.com Failed
127 KB
4 pubmatic.com
image6.pubmatic.com
2 KB
4 teads.tv
sync.teads.tv
919 B
4 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 811
271 KB
4 google.de
adservice.google.de — Cisco Umbrella Rank: 8470
1 KB
4 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 427
ajax.googleapis.com
406 KB
3 lijit.com
ap.lijit.com
2 KB
3 de17a.com
d5p.de17a.com
923 B
3 ad4mat.net
prod-rtb.ad4mat.net
static-de.ad4mat.net
4 KB
3 selectmedia.asia
sm1.selectmedia.asia — Cisco Umbrella Rank: 29385
tg1.selectmedia.asia
play.selectmedia.asia
45 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 158
774 B
3 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 606
script.hotjar.com — Cisco Umbrella Rank: 725
vars.hotjar.com — Cisco Umbrella Rank: 866
73 KB
2 amazon-adsystem.com
c.amazon-adsystem.com
46 KB
2 casalemedia.com
ssum-sec.casalemedia.com
1 KB
2 addthis.com
e.dlx.addthis.com
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 yahoo.com
pr-bh.ybp.yahoo.com
ups.analytics.yahoo.com
1 KB
2 everesttech.net
sync-tm.everesttech.net
840 B
2 quantserve.com
cms.quantserve.com
795 B
2 onetag-sys.com
onetag-sys.com
490 B
2 360yield.com
match.360yield.com
792 B
2 adsrvr.org
match.adsrvr.org
529 B
2 track-selectmedia.com
track-selectmedia.com
466 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
190 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 76
63 KB
1 andbeyond.media
rtbpass-us.andbeyond.media
176 KB
1 rubiconproject.com
pixel.rubiconproject.com
457 B
1 openx.net
rtb.openx.net
350 B
1 rlcdn.com
id.rlcdn.com
98 B
1 dotomi.com
dclk-match.dotomi.com
104 B
1 travelaudience.com
ads.travelaudience.com
551 B
1 sitescout.com
pixel-sync.sitescout.com
191 B
1 simpli.fi
um.simpli.fi
713 B
1 hketgroup.com
dw.hketgroup.com
0 geoedge.be Failed
wrappers.geoedge.be Failed
0 id5-sync.com Failed
cdn.id5-sync.com Failed
0 serv-selectmedia.com Failed
serv-selectmedia.com Failed
0 awin1.com Failed
www.awin1.com Failed
0 atdmt.com Failed
ad.atdmt.com Failed
307 50
Domain Requested by
37 s0.2mdn.net imasdk.googleapis.com
inews.hket.com
s0.2mdn.net
27 securepubads.g.doubleclick.net static01-proxy.hket.com
securepubads.g.doubleclick.net
inews.hket.com
www.googletagservices.com
26 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
inews.hket.com
24 cm.g.doubleclick.net 3 redirects 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
16 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
www.googletagservices.com
13 static01-proxy.hket.com inews.hket.com
10 www.googletagservices.com securepubads.g.doubleclick.net
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
8 assets.ad4m.at as.ad4m.at
8 ad4m.at as.ad4m.at
ad4m.at
8 as.ad4m.at 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
as.ad4m.at
ad4m.at
8 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
8 static04.hket.com inews.hket.com
7 www.google.com inews.hket.com
tpc.googlesyndication.com
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
6 www.facebook.com connect.facebook.net
5 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com securepubads.g.doubleclick.net
5 connect.facebook.net inews.hket.com
connect.facebook.net
5 adservice.google.com imasdk.googleapis.com
securepubads.g.doubleclick.net
4 image6.pubmatic.com 4 redirects
4 cdn.doubleverify.com s0.2mdn.net
inews.hket.com
4 sync.teads.tv 2 redirects 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
4 static.xx.fbcdn.net www.facebook.com
4 adservice.google.de securepubads.g.doubleclick.net
3 ap.lijit.com 3 redirects
3 d5p.de17a.com 3 redirects
3 sb.scorecardresearch.com 1 redirects
2 c.amazon-adsystem.com inews.hket.com
c.amazon-adsystem.com
2 tps.doubleverify.com cdn.doubleverify.com
2 track1.aniview.com inews.hket.com
2 player.aniview.com tg1.selectmedia.asia
player.aniview.com
2 ssum-sec.casalemedia.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 ajax.googleapis.com securepubads.g.doubleclick.net
2 sync-tm.everesttech.net 2 redirects
2 cms.quantserve.com 1 redirects 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
2 onetag-sys.com 1 redirects 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
2 match.360yield.com 2 redirects
2 match.adsrvr.org 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
2 track-selectmedia.com inews.hket.com
2 googleads4.g.doubleclick.net inews.hket.com
2 prod-rtb.ad4mat.net inews.hket.com
2 stats.g.doubleclick.net www.google-analytics.com
2 viselb01.hket.com static01-proxy.hket.com
2 www.googletagmanager.com inews.hket.com
www.googletagmanager.com
2 inlog01.hket.com static01-proxy.hket.com
2 www.youtube.com static01-proxy.hket.com
www.youtube.com
2 imasdk.googleapis.com inews.hket.com
imasdk.googleapis.com
1 rtbpass-us.andbeyond.media inews.hket.com
1 play.selectmedia.asia player.aniview.com
inews.hket.com
1 static-de.ad4mat.net as.ad4m.at
1 e1056743d6f65dd29dd2bd1d16e6e1d2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
1 id.rlcdn.com 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
1 ups.analytics.yahoo.com 1 redirects
1 s.tribalfusion.com 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 851367f547691d98e6d8be48752e6c5a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pr-bh.ybp.yahoo.com 1 redirects
1 dclk-match.dotomi.com 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
1 ads.travelaudience.com 1 redirects
1 pixel-sync.sitescout.com 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
1 um.simpli.fi 1 redirects
1 tg1.selectmedia.asia sm1.selectmedia.asia
1 dw.hketgroup.com inews.hket.com
1 sm1.selectmedia.asia securepubads.g.doubleclick.net
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 region1.google-analytics.com www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 inews.hket.com
0 wrappers.geoedge.be Failed rtbpass-us.andbeyond.media
0 cdn.id5-sync.com Failed inews.hket.com
0 serv-selectmedia.com Failed inews.hket.com
0 www.awin1.com Failed as.ad4m.at
0 ad.doubleclick.net Failed as.ad4m.at
0 go1.aniview.com Failed player.aniview.com
0 ad.atdmt.com Failed 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
0 plus.hket.com Failed static01-proxy.hket.com
307 79
Subject Issuer Validity Valid
*.hket.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-09 -
2023-07-10		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
*.hotjar.com
Amazon		 2022-10-25 -
2023-11-23		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-12-30 -
2024-01-28		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-02 -
2023-03-27		 3 months crt.sh
serv-selectmedia.com
GTS CA 1D4		 2023-01-09 -
2023-04-09		 3 months crt.sh
*.hketgroup.com
Amazon		 2022-03-20 -
2023-04-18		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-12-13 -
2023-03-13		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
wl.aniview.com
R3		 2023-01-11 -
2023-04-11		 3 months crt.sh
track-selectmedia.com
GTS CA 1D4		 2023-01-03 -
2023-04-03		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.aniview.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-07-14 -
2023-08-14		 a year crt.sh
*.tps.doubleverify.com
Go Daddy Secure Certificate Authority - G2		 2022-09-28 -
2023-10-30		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2022-02-23 -
2023-03-12		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh

This page contains 44 frames:

Primary Page: https://inews.hket.com/article/3438925?r=cpsdlc
Frame ID: E64026A5D4EF9D9C5C8A0E34033C23EA
Requests: 95 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html
Frame ID: CFC2753A9F674B8E14F6EB94EB5B1F98
Requests: 2 HTTP requests in this frame

Frame: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 167C2589501B196A75AF0FB87F492C6D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ca0aa62ca5cc%26domain%3Dinews.hket.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Finews.hket.com%252Ff21b31c8374222%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%2F%25E3%2580%2590%25E5%258A%25A0%25E5%25AF%2586%25E8%25B2%25A8%25E5%25B9%25A3%25E3%2580%2591Coinbase%25E6%2593%25AC%25E5%2586%258D%25E8%25A3%2581%25E5%2593%25A1%25E5%2585%25A9%25E6%2588%2590%25E3%2580%2580%25E6%25B6%2589%25E7%25B4%2584950%25E4%25BA%25BA&layout=button_count&locale=zh_HK&sdk=joey&share=false&show_faces=false&width=90
Frame ID: 55D20CAD8328AFBB9B700786B14222DA
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b93c92a67f84%26domain%3Dinews.hket.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Finews.hket.com%252Ff21b31c8374222%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fhketpage&layout=button_count&locale=zh_HK&sdk=joey&share=false&show_faces=false&width=90
Frame ID: 5E811B9A8BE95CCE774A622F22432761
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1A4B9F3376F080BD5F142E02559B1C33
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDBD14406F3D231F2B42AD5BE8629E83
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 3D7DE5FE35F979920E619454CD724E8D
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2785967FD9CF73161C22C1D09850580F
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Frame ID: 14C6198EE323C7B66DC933E4393C2B59
Requests: 1 HTTP requests in this frame

Frame: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3778C5508A26A5061B9540C0A538544C
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3pfMT4ZeDUCMe0EQezX0_jeAYlwFrs72j_YRPZ6wj2Hqy4pliSGAEgxEdwwvESB0rXUO7D2PJZuR-vw8u0g9dblIM87z1fE1w-UaH8JgoWPIXZm_tJfDjXl3qYxHWqvLoS2BCtJ3WA_GxFtcHEIlov_8vyJltVNW-raxpwmgiQk_QihN9SMFmQSOrrTRT69jq-EbRaqwhULkWR5CIRh9PP7lmuH_n3SA-amSWhEBeKoSuxgCj5K6S6Z5YJRU4CB1ZiS2r4cWtR0W7yMJvlaTVQr4N7GPyula1X87cvjMRLK_3tT5KyiDmdAPpO0wo4v5kJ_oUsvsqznEAkB32k-ZdXFOA7a32&sai=AMfl-YTHH4zGcJPDUzQQFzsww5WMW3kNu5zSCdeqMJvWc17Zztnpm6YzrB7w5C5TBzInmCY5h_8OT2K02mByCu5LtuUxTY72onm_Hrx1f-gHNeQEEQ_uAuedU2WCscn9qDTM&sig=Cg0ArKJSzEjpUm_vTY_aEAE&uach_m=[UACH]&adurl=
Frame ID: 06A216441819BE61D405ECF6DF956E3A
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsDhntgcKvf-yO15Mv6H7Av8lhZ7jsiYmrJi6fp3Fdvh-XFqXTfAnJOPAV9AtX0Sg-W-UGWqCciG8Oulf2BrVpwxTpuYl7OZQm8kksbHTb4rEPPcw7I7DsLKQnYCapcfKS9bZqH4Ja9PTXm8gzyVpRR61QRLDpe6820axAE5yU9IxjQvV1B-FmLt4mzDqC3b1_sHeN6IAD_ZtWmjZMpzG9tfBbQsIMokmxam2E3errsGBXz4Ck0a3F3HecaTvUNaQEUmcjt890Z0ZpARx3WIuDqFleCvTZu08KFGi2O0_gDXDgYKdLJgsWP7mS-dzgjyUww0MgzCeqQUfwDW9aCAoeI3LF-hm9Nw&sai=AMfl-YTQWTwPOWURAKhvRKrVrDa-d8MV-2gpIPyGss7fYHTSxmEvbF5hpN27hx8NGxMsfpD_qPKuPxlZURTjcJ7VMflhXuXESd3xL8YbJauMXpm4Xk1oJzF3b-p-tt0tPN-a&sig=Cg0ArKJSzFnSFTX3mjbZEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: C6DBFC9B45F4118A69D8BC3646A030F7
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_kxNHV7_jHAaM4TxYqAzjWh23vgfxq-t_GdY1MJAuW8VVvytwxskn_DfR64zONQiZ-h6JNmm9--8slgVeYtScIZ-zssHvWCFs4sOspPU9hg45HUY_psChgdi7ShjIaf89AijJd5vBwu9rNUZfni8qAfCf1wF-DG1x6LBoze6CLCoF2rAMRF7LfSYOnOoo54u0ypNKUwGDGtCv_SDWY1HRoD_oogNPz8Ak-4RRfONNjC7fIZM7j2KvPgXdwCk82n8FxFzEN7_YLj9gjMlYj7YTpoyIKXcvckUPvX2guADqWl1cabicQdoj9yfKqz4OIrohBmCTwug6o9yPfyasbzdXD38n2Yac&sai=AMfl-YSKIOi1dfCK8b43n5B8sncVcYGx9NY9ODxzddPsMdzIcOn-W_HwvoX0y045wnPFTy8LFZZ45fPvzuy9-V4hqyfnbXeFLwjFYro3Wc5hhC8HS2rF6JT6geY45ae-mr-A&sig=Cg0ArKJSzN1NOSL1qTmAEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: DFCF0A3E36C2D2A90569DFD726DD3B47
Requests: 13 HTTP requests in this frame

Frame: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D70048C23741FC63E2FCDB022B31A647
Requests: 15 HTTP requests in this frame

Frame: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9BDB93C375F6181DE74E871F0D72A4A0
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssl-nf9FzeZg-umjNc3clip45HO1KheUOWBBtrq_3XQF4P3CHTdK9-0ahKW0khCM8d0J888i3eMq2SVzZCwZZKwMvc1iX2svX2h7PnB366iSt-ZwqgmYqqDHx5s4z0jN8UCaOeYHKqf1V3yJaAJM3xw-hcA3NHv_AVuJpwGACkjU3NTNCDgXCdLse3RLBCqLnNoPvikB0N4nxJGzd-gGKGgZNPrJzRpgoUhTyL9kN2QyCbaBdvWs0-hFRbRd0JHk0IGhyKOi_wGVWvycVXRoHEMeH3ynb28H0GGQHWIoX0MYaEoXmTRe7Yhkb44p7lTazhA85-b9NCFkRtRCs3SziVhLhCKZw&sai=AMfl-YTLppDi59EhDq3r0ofw9znUGWvaEybfLZj1qARnvH4fHURwkfZIjyV-1LIYZG5fBR_SG6xbTpDJL8WPGXpOEmdncxMQ4syBqIhAJD2B1KorSjB1EBdjkvLsm5UCzCMV&sig=Cg0ArKJSzOD95K5kQ8LVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 9C8E55EE1880E754129E83F3D396A6D3
Requests: 12 HTTP requests in this frame

Frame: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: E14C92ABA8D502C3B99169FB2248ED28
Requests: 14 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1h7rt67gtd2zemrg8tyf78ydgkjz1wpqbptr87s4jhrg336vxgp7sqeajjr9b642x93wjd75q9gr9bzj7kj81np32ad16rvv1e3k7ctz902vg7v1dqamz2hny3a96hvajt7ac119qyc5z0wb70vq3h9a9btgynxbefb5dszk6ad3dyb4tfqmvsey3ja9r3n80thqxpaq23qg1syeaajbbmsm8vzk48s3g956bhf8ec43k5sjnxks6fxpe10c90ztnenpf4zh9mpxwt6d3mp3haxjp97kxpqh99zy1sxjjfcs11y7g2hnswjp2v5ytwwnf3g921gw71vg1b3wpfb33rermkdf014b0q55f75ma4cfpej1p9h69ejp2mg4hcd0m3xsrg7f8tnbmhhdn6spypq926qj58gngn4v6kkzb259kspd9t6b0tsn8xfx1j8c7k5abtb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%26client%3Dca-pub-9387637170231181%26adurl%3D
Frame ID: 520607A6CB8DF8FD9B036641F44CDDF4
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C53062B72317B2A40C62640E1F0B273A
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1kdmf9xm4q5kdzsr8nkg3z0vhwfdv4mdh88j6gp4hws9mq4xzp65v1fxkyy56rdqrh7a8yff77jcpk2n3g3yzx3ftmvdpm0dgpj0fzyf9sp2jpqnhcb4rmyc042p53dghsdqwat37332bra6y300rmv11jgprv49341qk53545jr0eddnkmxrxng0ztcnhsw7vcj9reyhdkfd42bnmsprq146h7xpn5ndbv1fzrqdd9nk0yay7pn2ya5ahwbppynhp8s0jzyccs76j11a33p19btnf6q3s4a2k2bwgeb9kxcjmsxym3bt81yeak2dmtqp54yfg6n5hdcc1tc0ffaf552587sea504x62y4pqt33wvkqpawn5ch50zf0ehae8158qgc86ggscfp0v1qkwr5925szacyyf4qrghxzt75wp2m75ksyppagberetfz46zb3q8nfn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%26client%3Dca-pub-9387637170231181%26adurl%3D
Frame ID: CF04E195777EF3F150AB7DFA9BE77F21
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1269B0B389B3C8E8B002957224881406
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Frame ID: 8F23BF8185984974213C05FA31A96B63
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Frame ID: 5BA25AA7016E8482E4461A7550158717
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE58AEB902DAE263DCCCBB0D2972D6B4
Requests: 3 HTTP requests in this frame

Frame: https://851367f547691d98e6d8be48752e6c5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 740C086200E3E4BFD1D077E4931B48F5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: AE8168AED7982046FF54F90B88F5E8A1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9D3A2AF35075C5ECF895633DAEA97BF0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E9C187443095B4B9FEF62C815875520B
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugR_2WNXnS8bkHgfSzkeSaCvuRLHuNOCNdnky5L90n8mjUBn_LlB87g_RZM-ChRl_zQ4p-J-aTxNkmpnRyqHwPSbtXwADAFW3oSFATo1TtT6oufu1SeM2CjqquYHr9_s_V0xvXJPDcwdlgxEd-hvOXV1Hu055V5KOyXva9zU77Lup9BaYjDSum5suOwqx57jr7LGku0jVHLyEfAGDwctfZID3HBpMfNSpVeOwvW40oA5iInFCoVQVnaubhLmh7Sts0tanIJAkpGHwc3zsSzOX--RREflUc4LV2E-gpwVeAaQE_ep9ZN0gc56sB-t9epRTRA_jvMW_u&sai=AMfl-YSAuoD9eop2JAPNy5TIeKPZltfqds-k24BXIHAh4TtZjf7sPte4o_VQwBZeIpDgo1FhL168b0t9x7WetlmPJF-wvVy9JHC4IHMspKn3YUJjhZXBhGRW_y38bJMJ9WMb&sig=Cg0ArKJSzCQBXCU03SfIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 54E4191B75CC3B2F9A573B3A13B7BB01
Requests: 5 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3414.js
Frame ID: 8E1835B6857C03502BC09475B4CEA6F6
Requests: 2 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3414.js
Frame ID: 7D6B0838BD5D24B12353877CC203CBC5
Requests: 2 HTTP requests in this frame

Frame: https://e1056743d6f65dd29dd2bd1d16e6e1d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F3449DF9D588C84245ABAE7187F26023
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 86CAE6F7C43CC16B0E1EA9B7DF463095
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: AB6978F4B1A77418F7AE1F3B2ECE2583
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKSogsXMJU8BTBVussVIzcEdDxySGEDkkeDKDiDVoOgmj69-nkdI0nsoIRGzeR9_Bw3sw8CRb-a3mMH89RTEltwjyLCVMZG1RnF8TWNDb0bsuS3mh0y4DkTvzHOEhHDtxaq5QExKy8P8ODRf7rD5Y4KPvOdM6copHhPTHBWy8a6AiIyqhP04UEkewdXA1w2_v8hCdLr7OUE-LlGazTYjloL0YVDjpQR19Wvh98T3EPTpwDWxCftR7IX75w0yNw_2Ci6_9Q5RBzy7_3NO5FfYkl-Tjjy_DFp0B5QpTaej8Be-NNwDbO-7AhrnGo64cbHfesLUBJiAZz8jNmog&sai=AMfl-YQ75rnu4O7WHgTT8DP5rliv1B9KfqCN2zV2CLUR1LwE0lEUYEpksCNnwA0IrgqV4gAJdcY8jTRFOjJETshi2z1pLJ-xe4mXBeT9d-ZfFRQJ-dDZE1JNF5OQ4SggTgXO&sig=Cg0ArKJSzE5wMIPjC_T6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 1038103A83EFC8BDC6FACB046072E23B
Requests: 4 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f69ee2786f50a6e302c104c
Frame ID: 7BBD0479EB0761B820D406C257480298
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 70618510683362C34D24491074780DFA
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7A4B5EFB7D710BDD54A2A54FBAB8D686
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=22451&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV&c=320&d=50&e=&g=349ad5d528f47fe8cb37ca6f15d6cd4d%2F16884170306485953979&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1674020380942&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8224arvftmx6ayrm81s12ey2aa7qpd88mmqawtb40d13wpvw7v5aw99a0bzvae1ysav0vfbtqxz3pxyt44mvy99afprshn1yace8z8zsjqmr1xgk26k72ja6qb8g1mtnzd0hmxmhdeg8xqj1ae6ym840dkf8e6yk433znes7ke1srtht95ca8rmy2w2vxwx9b54caqrf88jaba3jddg1cme802kx9a2qmbmqajyyvgrsd6v333d4qe53f8mw4mfh6aggry0k8bz1axc0cqafr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Frame ID: C07DDE25DA1EDC0A48AA2D32BE38719F
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Frame ID: DFCD60747038775CFE065BC5CDF36DEF
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C5572100BBBE5161D6D94F95CB35079E
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 02C9186221ECE436CC86F3D4826C96B2
Requests: 2 HTTP requests in this frame

Frame: https://serv-selectmedia.com/cdn/mcm/5f69ee2786f50a6e302c104c.json
Frame ID: 65DA7A173DB2EAFB7FA515971020A970
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

【加密貨幣】Coinbase擬再裁員兩成 涉約950人 - 香港經濟日報 - 即時新聞頻道 - 即市財經 - Hot Talk - D230110

Detected technologies

Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

307
Requests

86 %
HTTPS

48 %
IPv6

50
Domains

79
Subdomains

55
IPs

5
Countries

5912 kB
Transfer

16700 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62
  • https://sb.scorecardresearch.com/c2/17708049/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 163
  • https://um.simpli.fi/gp_match?google_gid=CAESEBaDi8iou7ICm9s1STVNXTA&google_cver=1&google_push=AavPq0Mw5pN9wMT7_dhVt4xOATrpHtRV95nTu9GurjdR37BHIlgviiZPIIsMKkysFq0pG1DOeAAYRQdi_f-eYr3tTq8UHh1JS0dxkQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D0C0910075CA4319842E86169EAD484E&google_push=AavPq0Mw5pN9wMT7_dhVt4xOATrpHtRV95nTu9GurjdR37BHIlgviiZPIIsMKkysFq0pG1DOeAAYRQdi_f-eYr3tTq8UHh1JS0dxkQ
Request Chain 166
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFVG1LeczqZtAulNkh2uIH8&google_cver=1&google_push=AavPq0Mx1VlklcfRehu9UWM7xyGJ240Vg3HWhctH4E4teb_rsBjm_pv7K7t82xbRgjIqOH4Gaa7WurbUKItoYiZeY5NsFBSMD0Xd HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0nZ3tNAnQ3yuFsUIuk0cBQ2&google_push=AavPq0Mx1VlklcfRehu9UWM7xyGJ240Vg3HWhctH4E4teb_rsBjm_pv7K7t82xbRgjIqOH4Gaa7WurbUKItoYiZeY5NsFBSMD0Xd
Request Chain 167
  • https://match.360yield.com/match/ebda?google_gid=CAESEKnrvDKUzGZS-PG6sUOie7M&google_cver=1&google_push=AavPq0PADZfQiLCrmjDNR17mWusSa3c5zszIVqkhNfdNHj42fHjEC3H05O1elOf-miXgKSXgwXS7axHgzDEHgIhP-SPfM6g0stxebA HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKnrvDKUzGZS-PG6sUOie7M&google_cver=1&google_push=AavPq0PADZfQiLCrmjDNR17mWusSa3c5zszIVqkhNfdNHj42fHjEC3H05O1elOf-miXgKSXgwXS7axHgzDEHgIhP-SPfM6g0stxebA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vLdPJsSORyCLFiqMgRsIJA&google_push=AavPq0PADZfQiLCrmjDNR17mWusSa3c5zszIVqkhNfdNHj42fHjEC3H05O1elOf-miXgKSXgwXS7axHgzDEHgIhP-SPfM6g0stxebA
Request Chain 168
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBIl2GRsXlPlf7Cc6ANJlbo&google_cver=1&google_push=AavPq0Mm-tZa0Ez1T8zvfsYWpZalOQ9Wf5pFnNrUMrEhfXaQFU6iElzELaOw4b_d8PMCniDpCZcssyNqdXJQ1eoL_muKfNOkPijqPcM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Mm-tZa0Ez1T8zvfsYWpZalOQ9Wf5pFnNrUMrEhfXaQFU6iElzELaOw4b_d8PMCniDpCZcssyNqdXJQ1eoL_muKfNOkPijqPcM HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 169
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHvCyjwk2ho6oo5dQH3T4qs&google_cver=1&google_push=AavPq0NAt1XnGYyn_9H1kXLXqAMlNZzWh9HGoMoiQ8XYc4kZzNijDDwGmUqVNVM34mvN7rRQDQpeka6vkySB1toyRl60n-iy_W0o-54 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0NAt1XnGYyn_9H1kXLXqAMlNZzWh9HGoMoiQ8XYc4kZzNijDDwGmUqVNVM34mvN7rRQDQpeka6vkySB1toyRl60n-iy_W0o-54 HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 176
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_cver=1&google_push=AavPq0NzFmgwDYVXvy0PdLw6BwprCLBSTf3fcBvZFWJK4TEDNLCJXXf2Iut2s9n60fFOzDVBi3ddYnLS2Q3qLv7HQASsZvrePRILYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_push=AavPq0NzFmgwDYVXvy0PdLw6BwprCLBSTf3fcBvZFWJK4TEDNLCJXXf2Iut2s9n60fFOzDVBi3ddYnLS2Q3qLv7HQASsZvrePRILYQ
Request Chain 178
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPd0aSkFJubDxMQgX8iZkaE&google_cver=1&google_push=AavPq0N3uQU4wdPzrI9ArOCo2Zhr_AtUDe_2e8yAt2cIly-NHQ_ErvlsOAt6F6GBxPf66tLZa0-Z-mGvJIusbiZxR07EOSm2Cs7ukA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N3uQU4wdPzrI9ArOCo2Zhr_AtUDe_2e8yAt2cIly-NHQ_ErvlsOAt6F6GBxPf66tLZa0-Z-mGvJIusbiZxR07EOSm2Cs7ukA&google_hm=eS1kNEFTRVUxRTJwR3JlQnRVTEwyUEV2ZlBOT1k2UUJsdH5B
Request Chain 179
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEL4qwffallbg4APGkkA7Eos&google_cver=1&google_push=AavPq0NIbRByWkWtkxUYcQhDmqD85paK-lNM604J2v_ey47VAKTkVxPSV0buthV9knv_g9KpEV8poJ-IKF4IPzK6hRq55V9R0NLEBg HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL4qwffallbg4APGkkA7Eos&google_cver=1&google_push=AavPq0NIbRByWkWtkxUYcQhDmqD85paK-lNM604J2v_ey47VAKTkVxPSV0buthV9knv_g9KpEV8poJ-IKF4IPzK6hRq55V9R0NLEBg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0NIbRByWkWtkxUYcQhDmqD85paK-lNM604J2v_ey47VAKTkVxPSV0buthV9knv_g9KpEV8poJ-IKF4IPzK6hRq55V9R0NLEBg
Request Chain 180
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFOT8u3QB0yKbiH9qhOuxho&google_cver=1&google_push=AavPq0OAnKMppir_E89ythSmLJn9MwJZHM3NUBr5SI-q3ApIs3bUOmSojJc4X6fOHBhEP3n0bbzvyfORM88pdP7VcEAAp7zPckgTaQ HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFOT8u3QB0yKbiH9qhOuxho&google_cver=1&google_push=AavPq0OAnKMppir_E89ythSmLJn9MwJZHM3NUBr5SI-q3ApIs3bUOmSojJc4X6fOHBhEP3n0bbzvyfORM88pdP7VcEAAp7zPckgTaQ&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OAnKMppir_E89ythSmLJn9MwJZHM3NUBr5SI-q3ApIs3bUOmSojJc4X6fOHBhEP3n0bbzvyfORM88pdP7VcEAAp7zPckgTaQ&google_hm=GAVzvGZHiAds3QEsQse5Kv6H
Request Chain 219
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnnfDJ31GkA1aFdzijsGVY&google_cver=1&google_push=AavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrdODw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrdODw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnnfDJ31GkA1aFdzijsGVY&google_cver=1&google_push=AavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrdODw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrdODw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 220
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_cver=1&google_push=AavPq0NpCFys289D1E38s7vhvIqXUiv_nugG8n6YUUfQ8m3h5GjUhcA0FzXsYHO4BBDA8jWrGcVU3lsgCdE7Vk6jI255k8H-GsrKeg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WThlR0d3QUFBVFFfSlFBRg==&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_cver=1&google_push=AavPq0NpCFys289D1E38s7vhvIqXUiv_nugG8n6YUUfQ8m3h5GjUhcA0FzXsYHO4BBDA8jWrGcVU3lsgCdE7Vk6jI255k8H-GsrKeg
Request Chain 221
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEL4qwffallbg4APGkkA7Eos&google_cver=1&google_push=AavPq0Ovuw_M4bN5XRkg0v_KxA5ZTGK0D27H-kqDV4igl7B_WuM1KunU1TW2wWs5Kcy_UL0ko0e4M7T_jg1_JIuLhAkRV9mwCpEQbA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Ovuw_M4bN5XRkg0v_KxA5ZTGK0D27H-kqDV4igl7B_WuM1KunU1TW2wWs5Kcy_UL0ko0e4M7T_jg1_JIuLhAkRV9mwCpEQbA
Request Chain 222
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOLEYHuOxC-GtaFKqYG62sQ&google_cver=1&google_push=AavPq0Mm21fagNJF6Rcfo1-2UrI9R-g_-gWS7CiPN33XtciohbF0s04gnPdTxNxRB0LXM1DPzwPtA2NGrC67W7pmwBqHMoUWplJA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOLEYHuOxC-GtaFKqYG62sQ&google_cver=1&google_push=AavPq0Mm21fagNJF6Rcfo1-2UrI9R-g_-gWS7CiPN33XtciohbF0s04gnPdTxNxRB0LXM1DPzwPtA2NGrC67W7pmwBqHMoUWplJA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f97sp8sOSnGYwIDpHe046g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Mm21fagNJF6Rcfo1-2UrI9R-g_-gWS7CiPN33XtciohbF0s04gnPdTxNxRB0LXM1DPzwPtA2NGrC67W7pmwBqHMoUWplJA
Request Chain 223
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFOT8u3QB0yKbiH9qhOuxho&google_cver=1&google_push=AavPq0OSjJjtQlm3toBm1bQdZgikF8IoXzEoGXQFzLclUfG8FscnzNLwHLLSLLiVff2rtuEG9xdgzVVdhBBaUZ5oGK78oYnnavo06g HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OSjJjtQlm3toBm1bQdZgikF8IoXzEoGXQFzLclUfG8FscnzNLwHLLSLLiVff2rtuEG9xdgzVVdhBBaUZ5oGK78oYnnavo06g&google_hm=GAVzvGZHiAds3QEsQse5Kv6H
Request Chain 224
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIvPrrkBtMwrD4-xniEDbiQ&google_cver=1&google_push=AavPq0P4fT_BF2LULmsgsi0-1MlJ3vG1SpS--uwrYE6jU-fhNIHE-eo9WCHOVvuyqhYamKToLEEry7m4ZedeFkJo41CgrCTS_4xVhEc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RSHI1ZFpaRTJ1RjZ1MGk5VG16aTRCMy4yY2twZnBaQn5B&google_push=AavPq0P4fT_BF2LULmsgsi0-1MlJ3vG1SpS--uwrYE6jU-fhNIHE-eo9WCHOVvuyqhYamKToLEEry7m4ZedeFkJo41CgrCTS_4xVhEc
Request Chain 225
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHvCyjwk2ho6oo5dQH3T4qs&google_cver=1&google_push=AavPq0Oni0QAjly7sWlOQG5gYwchhyAKcN0SEkk3CXwQucay9mGKkbUXPw2fo5rnC5bF1OrfGKCQqlHrbTNqupSdQTQr8366GQwvt6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0Oni0QAjly7sWlOQG5gYwchhyAKcN0SEkk3CXwQucay9mGKkbUXPw2fo5rnC5bF1OrfGKCQqlHrbTNqupSdQTQr8366GQwvt6g HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 227
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELaGFrIZPW0PjS2POVMGjNM&google_cver=1&google_push=AavPq0O96boC1D6wfhNAnaG_3angnG1pErq5hQUBfFWsoy7HtXLIimCMczS7Zo8Ztw_swn4CkBBPLgJuPbaHc-xuK9_8oEUIIDwZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0O96boC1D6wfhNAnaG_3angnG1pErq5hQUBfFWsoy7HtXLIimCMczS7Zo8Ztw_swn4CkBBPLgJuPbaHc-xuK9_8oEUIIDwZ&google_hm=pb5vrVlp28Fz6MxAAfLgHw
Request Chain 229
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAavPq0PUBiySNPoFt4U10ntsRL5ZhLEmmaTDsszRVp88FG0fU1P-lxcBIlegI4-HnudsU3jJL5-a-aqMegdNS4OLfN8qVFfTWEw0&google_gid=CAESEMkxqOW3uVNsjx0t2fZaVcg&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAavPq0PUBiySNPoFt4U10ntsRL5ZhLEmmaTDsszRVp88FG0fU1P-lxcBIlegI4-HnudsU3jJL5-a-aqMegdNS4OLfN8qVFfTWEw0&google_gid=CAESEMkxqOW3uVNsjx0t2fZaVcg&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAxMTgwNTM5NDAwMDAxMDY4OTA3NjQyNw%3D%3D&google_push=AavPq0PUBiySNPoFt4U10ntsRL5ZhLEmmaTDsszRVp88FG0fU1P-lxcBIlegI4-HnudsU3jJL5-a-aqMegdNS4OLfN8qVFfTWEw0
Request Chain 231
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOLEYHuOxC-GtaFKqYG62sQ&google_cver=1&google_push=AavPq0MPZvePiv7zI3qcCBGPWWqDSXofdE3Tnsbte0j0AcMmfZ-jU7UpF9S7UyYotYxm3Y8uPFF_U7GAn1lmE7plhcFT93exCfj9 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOLEYHuOxC-GtaFKqYG62sQ&google_cver=1&google_push=AavPq0MPZvePiv7zI3qcCBGPWWqDSXofdE3Tnsbte0j0AcMmfZ-jU7UpF9S7UyYotYxm3Y8uPFF_U7GAn1lmE7plhcFT93exCfj9&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nz9i3jiJQTqanqAS_A8kWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0MPZvePiv7zI3qcCBGPWWqDSXofdE3Tnsbte0j0AcMmfZ-jU7UpF9S7UyYotYxm3Y8uPFF_U7GAn1lmE7plhcFT93exCfj9
Request Chain 232
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECIA3Spa6cqZjJ78FyfHnUw&google_cver=1&google_push=AavPq0MHon9TkKhLoaNlFs4WKmHBW_7sx50MOfxoAX1ocOKJdHQXRQkKQYN9V0Ky3m_b_oF4y4t370eXcsNdRnmmjIF-wSAMWVe_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQxOElHOU4tNS02WjJT&google_push=AavPq0MHon9TkKhLoaNlFs4WKmHBW_7sx50MOfxoAX1ocOKJdHQXRQkKQYN9V0Ky3m_b_oF4y4t370eXcsNdRnmmjIF-wSAMWVe_
Request Chain 233
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJRnpIttTXNm759J83SyFy8&google_cver=1&google_push=AavPq0PThzFBqIGnCL18ErewxAQmeKNVfvROGAWk7SRX9gPb1KnMamSrrYrNOBHAM-Hy93f4B4XfjqaXGARg4ClfdoaGqa4KevK9 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJRnpIttTXNm759J83SyFy8&google_push=AavPq0PThzFBqIGnCL18ErewxAQmeKNVfvROGAWk7SRX9gPb1KnMamSrrYrNOBHAM-Hy93f4B4XfjqaXGARg4ClfdoaGqa4KevK9&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJRnpIttTXNm759J83SyFy8&google_hm=Y8eGHAHHdOeRBRadr76vogAABJEAAAAB&google_nid=index&google_push=AavPq0PThzFBqIGnCL18ErewxAQmeKNVfvROGAWk7SRX9gPb1KnMamSrrYrNOBHAM-Hy93f4B4XfjqaXGARg4ClfdoaGqa4KevK9
Request Chain 305
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPx5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJu7qPGz0PwCFViVdwods5oEOg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPx5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
Request Chain 311
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CO27qPGz0PwCFauSdwodOlQJiw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0

307 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 3438925
inews.hket.com/article/ 		112 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.223 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
/
Resource Hash
5684247e2e75ce3caade635dbe5910388671f7825215e86c6220ee763760ac49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Encoding
gzip
Content-Language
de-DE
Content-Type
text/html;charset=UTF-8
Date
Tue, 17 Jan 2023 21:39:33 PST
ETag
"07eef5b325b2071b60900a57b1e2e88c5"
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
vary
accept-encoding
hket-icon-07.ttf
static01-proxy.hket.com/res/v3/dist/common/fonts/ 		52 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/fonts/hket-icon-07.ttf
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
be5a37614c475bd6f4a155365709a9d8ea9b80e361793686d79f5e177b754a35

Request headers

Referer
https://inews.hket.com/
Origin
https://inews.hket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:34 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 03:19:23 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"d180-5ea410b1124c0"
x-cache
RefreshHit from cloudfront
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
53632
x-amz-cf-id
6U-8IRt6LRW5CX6Vx9f_sNIx8BbZQSUvfpVtVs46qfCR-D-7dtrfJA==
expires
Fri, 17 Feb 2023 05:39:34 GMT
ads.js
www.google.com/adsense/search/ 		141 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/adsense/search/ads.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e44f7406ddff0ef14e5855d7d864a57e341a2716a264a59a195e17ab3f506a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-afs-ui"
etag
"17379799163859329317"
vary
Accept-Encoding
report-to
{"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:33 GMT
hket-default-img-01.gif
static01-proxy.hket.com/res/v3/dist/common/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/images/hket-default-img-01.gif
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
b175924be49b60de2bd4d746960aac08d31823a4a2b983874ae50df496701731

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:34 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 03:19:23 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"8f5-5ea410b1124c0"
x-cache
RefreshHit from cloudfront
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2293
x-amz-cf-id
McCaOsZZp9rj2pJsVgxnNsB7LEvF5yfL3688Ds0wEGiCor700LOygA==
expires
Fri, 17 Feb 2023 05:39:34 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		369 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdf10f2d2c2627b33f59c5110c744cc586c01cc00616a689c81b818255de09b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125837
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:33 GMT
common-style-4e567cb8ee.min.js
static01-proxy.hket.com/res/v3/dist/common/js/ 		291 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/js/common-style-4e567cb8ee.min.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
10f02eb25f535059852c491b933586a756a14bc084810b00cac2be5f750cfc00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:34 GMT
content-encoding
gzip
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 07:02:38 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"48b68-5f05123407f80-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
44507
x-amz-cf-id
g-cm8dr_pvYDbJwN-e4pI88OosnWhfqThZ2RzLHlUlCKgFD40aOG7A==
expires
Fri, 17 Feb 2023 05:39:34 GMT
content-style-48ae562899.min.js
static01-proxy.hket.com/res/v3/dist/common/js/ 		101 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/js/content-style-48ae562899.min.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
15bd42f008acb27168641cab6c1ef33f51944899c1256345d04f3c543ee73682

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:34 GMT
content-encoding
gzip
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 21 Dec 2022 07:02:38 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"192a9-5f05123407f80-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
21831
x-amz-cf-id
Y1VLt67reeHGDn51cSaLntZn03LD3nxYM-Y4g9Gpwuj7mgcXsUurvQ==
expires
Fri, 17 Feb 2023 05:39:34 GMT
common-75028ca265.min.js
static01-proxy.hket.com/res/v3/dist/common/js/ 		294 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/js/common-75028ca265.min.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
d6fd1b5f03b568e242e07a3300aef8116c4526570116de1cd4559101f6f666eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:34 GMT
content-encoding
gzip
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 03:19:26 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"499d1-5ea410b3eeb80-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
JOvBOWABVyU5hvbJD-Viif9xUgxmBpkRs3BUOfR1LUjghAc7Y7zvog==
expires
Fri, 17 Feb 2023 05:39:34 GMT
content-0fae034385.min.js
static01-proxy.hket.com/res/v3/dist/common/js/ 		996 KB
285 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/js/content-0fae034385.min.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
fc68c3423fc3956bb2d36bf1e17d50a45c7f339d8a71f2d543c791cdf5baafdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:34 GMT
content-encoding
gzip
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 14 Dec 2022 02:44:17 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"f90a9-5efc0b66e6240-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
x-amz-cf-id
cS_bY_Gkeio9Pv-wYPoRp5HNVz3GMH-X3N1Yvb_cki4wE0zckoPBiQ==
expires
Fri, 17 Feb 2023 05:39:34 GMT
inlog-v1.4.min.js
static01-proxy.hket.com/res/v3/script/common/inlog/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static01-proxy.hket.com/res/v3/script/common/inlog/inlog-v1.4.min.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
1e7cc7a8f5a3f6076a6d6722fbdddc34746f420e1c73117ee8904d09c14dc825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:34 GMT
content-encoding
gzip
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Thu, 19 Sep 2019 02:07:25 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"b09-592de6a28b140-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1121
x-amz-cf-id
D6nWZw21xrZP7V0VYk8xQGpffuGlDK-ujl-RxV8qq21-XsbFfP1QWA==
expires
Fri, 17 Feb 2023 05:39:34 GMT
hket-top-logo-v2.png
static01-proxy.hket.com/res/v3/dist/common/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/images/hket-top-logo-v2.png
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
a006ec02817e554d0edcd85d7d4664b37959c24ac71072bb5b29277ce3797ffb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 03:19:23 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"cd3-5ea410b1124c0"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3283
x-amz-cf-id
TLAdmfncULYJXdXgXNGZIEb2aaNawJEschO7e6jGYQPoPf5P85ioUQ==
expires
Fri, 17 Feb 2023 05:39:35 GMT
hket-channel-v8.png
static01-proxy.hket.com/res/v3/dist/common/images/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/images/hket-channel-v8.png
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
6e8556e923475a6bb83130c18d46ea34e686bfbd0a384804030b8abe0fd2a1eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 03:19:23 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"86cf-5ea410b1124c0"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
34511
x-amz-cf-id
pWac82zdBUszsWXEUtzfdkh_j8U_O5OC7nAULFYTxBvIqzmM8e9-BA==
expires
Fri, 17 Feb 2023 05:39:35 GMT
RWHeader_AppDN_EP_01.png
static01-proxy.hket.com/res/v3/dist/common/images/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/images/RWHeader_AppDN_EP_01.png
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
a4eab65bcba6718b0cefc357596bd0b1436e9f3655929d13f1caa5580bbd2052

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 18 Jan 2023 02:03:02 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"6e54-5f280375b0180"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28244
x-amz-cf-id
IJo-BKEcrVab1R58kEXUwPjW05we-GVUq268PzOh4nBTLt1Phxu8sw==
expires
Fri, 17 Feb 2023 05:39:35 GMT
truncated
/ 		715 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
subscribe_eNewsletter-bg-s.jpg
static01-proxy.hket.com/res/v3/dist/common/images/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/images/subscribe_eNewsletter-bg-s.jpg
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
4c5ae6869b92973a0712aaed5a086d6928aed327fca5981ae839507ea05df674

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 18 Jan 2023 02:03:02 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"2a98-5f280375b0180"
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10904
x-amz-cf-id
LWMlvBkaiK_vFX6BCs2nKfKiy0Jcy-8B5bRn-cStOFGK5RlvpENsMg==
expires
Fri, 17 Feb 2023 05:39:35 GMT
hket-logo-mmenu.png
static01-proxy.hket.com/res/v3/dist/common/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/images/hket-logo-mmenu.png
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
9d12bd846df1d9a7ee82214a4c6886e01ab5a98d49cd45e7631b2b6c04300b65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 03:19:23 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"494-5ea410b1124c0"
x-cache
RefreshHit from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1172
x-amz-cf-id
X--858xbzTZySwePCzobuOAHu0RDJovY7ZBmGA7iKFOZsQE4qcAvMA==
expires
Fri, 17 Feb 2023 05:39:35 GMT
weather.ttf
static01-proxy.hket.com/res/v3/dist/common/fonts/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static01-proxy.hket.com/res/v3/dist/common/fonts/weather.ttf
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:200:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash
a6449d02e0aa44eb841020ebf9c1511913db90bfd6a5099c8422c55089f432a4

Request headers

Referer
https://inews.hket.com/
Origin
https://inews.hket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
last-modified
Wed, 05 Oct 2022 03:19:23 GMT
server
Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop
FRA56-C1
etag
"61c8-5ea410b1124c0"
x-cache
RefreshHit from cloudfront
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25032
x-amz-cf-id
9Mm8Mlyc3NepT9dUhnhi6c-M2_Vj3RvrCj_htZ8SpIFV-F3mXB-9-g==
expires
Fri, 17 Feb 2023 05:39:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: static01-proxy.hket.com
URL: https://static01-proxy.hket.com/res/v3/dist/common/js/common-75028ca265.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8342ee2a9f9695a268adafd8c87219e4b74b60e31d232533c88f993d27faa5ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27784
x-xss-protection
0
server
sffe
etag
"1455 / 674 of 1000 / last-modified: 1673996606"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 05:39:35 GMT
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
2023011_1024.jpg
static04.hket.com/res/v3/image/content/3435000/3438925/ 		253 KB
254 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static04.hket.com/res/v3/image/content/3435000/3438925/2023011_1024.jpg
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e31ff0f1ed5deac538c532c50e7c2522edf24a7d2d418351cc4ff8e050b9cc98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Tue, 10 Jan 2023 14:55:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"775e5ecadd8d1dd21f6240b177e5c439"
x-cache
Miss from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
259195
x-amz-cf-id
oXoDlBh63_YIcZKty-DKGJmofiGqRZ3G7ddARs7Pr1wtCjXoKeVt-A==
b_135.jpg
static04.hket.com/res/v3/image/content/3440000/3443648/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static04.hket.com/res/v3/image/content/3440000/3443648/b_135.jpg
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9fb5446b1834bd10e06ebccd98e42d110fcc701c088564da1afab2febacd3754

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 04:37:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"afaedc7c1a691eec7feed5aab69632f1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7024
x-amz-cf-id
95qrjABscVD1ALLKsm-58gIgrmsctEUmf-84v5OnmQaMjLpe3pYLpg==
a_135.jpg
static04.hket.com/res/v3/image/content/3440000/3443486/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static04.hket.com/res/v3/image/content/3440000/3443486/a_135.jpg
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96c0e8060c6da011e7ea61c4d27ec79695a890b053ef52889dc2967003efefea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 01:55:29 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"deb2ff4413be849159805bb3c35b2ebe"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10188
x-amz-cf-id
2vQJ8i9Bu2OfbWxeHsOcbjEy79xom3aSuN7hM0EegcTm3RfVRwqg7A==
HXC_1024_135.jpg
static04.hket.com/res/v3/image/content/3440000/3443477/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static04.hket.com/res/v3/image/content/3440000/3443477/HXC_1024_135.jpg
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
be6cfa7666c6ba6b7600d3fc9530900c6bdd9c7407dfd56143a9fdec67dff356

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 21:42:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"619a62c450072f169b80c7c6073bd071"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7680
x-amz-cf-id
FiBFWN1-4mfh1LcvC93zGggT8tH-R5Db7FfDY6b0DkRf-tFqO_7vHA==
170123_33_135.jpg
static04.hket.com/res/v3/image/content/3440000/3443619/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static04.hket.com/res/v3/image/content/3440000/3443619/170123_33_135.jpg
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f054007841af3fdd6b522b432dbff5a656e2823d4290b37a25edcd570cbeb1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 06:00:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"d15f988948577cc7caac56d13cdb91bf"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8118
x-amz-cf-id
HOFgVs_vbPz-odROFOFeQHpoaB69hAQLeI18RgYq9CGuDRo9RvqVeQ==
a_135.jpg
static04.hket.com/res/v3/image/content/3440000/3443433/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static04.hket.com/res/v3/image/content/3440000/3443433/a_135.jpg
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
35f59a0671297463bedd4e40d1348403847c8b22bf90589084e2f21d6ed47ddc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 01:13:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"3765565001a6ac39a4c0166e0ba728fe"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8837
x-amz-cf-id
ruYxEvJyHn-HLIw28HbNAgSTHP2xZNz0HVGFRyMPbTdytCR81NBc_A==
20221229_us_1024_1024_135.jpg
static04.hket.com/res/v3/image/content/3440000/3442740/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static04.hket.com/res/v3/image/content/3440000/3442740/20221229_us_1024_1024_135.jpg
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c77afa2076f3fa1141361c67ba162e03ce4001e3e32d48c45a2e3e6b7e22728b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Mon, 16 Jan 2023 04:25:00 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"165d42ee849ff1e69b8d8f23e54aa8b1"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
10911
x-amz-cf-id
OWWZSdm3kdPFItMfvp-EssSHfmOf6QQDXx4TMws0QYPQGWcTfmlMVQ==
pubads_impl_2023011001.js
securepubads.g.doubleclick.net/gpt/ 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 00:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18501
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132153
x-xss-protection
0
last-modified
Tue, 10 Jan 2023 09:35:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Jan 2024 00:31:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		470 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8d502e3699dfe24ccbc688aebc53f2971090ee299fc78dacc043cb167d22902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
169
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:35 GMT
iframe_api
www.youtube.com/ 		992 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: static01-proxy.hket.com
URL: https://static01-proxy.hket.com/res/v3/dist/common/js/content-0fae034385.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 18 Jan 2023 05:39:35 GMT
20230109_MoneyTalk_thumb_1024.jpg
static04.hket.com/res/v3/image/video/3435000/3438013/ 		193 KB
193 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static04.hket.com/res/v3/image/video/3435000/3438013/20230109_MoneyTalk_thumb_1024.jpg
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-92.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a7a41f2b53566d14932b1e38f9d3a5aa2030402730e8a67968b74110fadf2e37

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 2a3a093b493a82493f3431437cb166ac.cloudfront.net (CloudFront)
last-modified
Mon, 09 Jan 2023 11:28:24 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
etag
"4b37f15a5762b7ea622028317aac61bc"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
197374
x-amz-cf-id
LS1kzWnHtiHvpn7uyWhj3Qur63Uyk0XocBpMvpTT2G_a22t3uJuW1A==
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://inews.hket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
bridge3.551.0_en.html
imasdk.googleapis.com/js/core/ Frame CFC2 		694 KB
223 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9b4ed6bb59d1c0c75a130ca947ef90a06e253c7e8b841810b68c24d24fe6b3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1012
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227828
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:22:44 GMT
expires
Thu, 18 Jan 2024 05:22:44 GMT
last-modified
Mon, 09 Jan 2023 15:17:00 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 05:39:36 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=inews.hket.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
73474d46-7cec-40e7-8741-b7da8133a8ae
https://inews.hket.com/ 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://inews.hket.com/73474d46-7cec-40e7-8741-b7da8133a8ae
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8942ef222b34092b3c7dd7fd27010d431cdb1fc74c6db71bafb44c664fed4692

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
5770
Content-Type
application/javascript
35297ac8-eda8-49c8-b36f-288f41f19365
https://inews.hket.com/ 		77 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://inews.hket.com/35297ac8-eda8-49c8-b36f-288f41f19365
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64597fd148b2edfa22406f019255340d5b0b27390ee60a06523d4381ea143502

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
79232
Content-Type
application/javascript
feaa3ef4-9f0a-4089-ae3f-f8215971d717
https://inews.hket.com/ 		77 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://inews.hket.com/feaa3ef4-9f0a-4089-ae3f-f8215971d717
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64597fd148b2edfa22406f019255340d5b0b27390ee60a06523d4381ea143502

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length
79232
Content-Type
application/javascript
www-widgetapi.js
www.youtube.com/s/player/4248d311/www-widgetapi.vflset/ 		183 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 03:02:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
9410
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62798
x-xss-protection
0
last-modified
Thu, 12 Jan 2023 01:15:11 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 18 Jan 2024 03:02:46 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame CFC2 		156 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F183518426%2FHKET2_WebRP_iNewsDetail_PreRoll&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3711998792457945&cust_params=section%3D%E8%B2%A1%E7%B6%93%E5%8F%B0%2CET%E8%B2%A1%E6%99%BATalk%26visitor_key%3DBeforeLogin%26formal_tag%3D%E6%8A%95%E8%B3%87%2C%E7%B6%93%E6%BF%9F%2C%E7%B6%93%E6%BF%9F%E8%A1%B0%E9%80%80%2C%E5%B8%82%E6%B3%81%E5%88%86%E6%9E%90%2C%E5%AE%8F%E8%A7%80%E5%88%86%E6%9E%90%2C%E5%AE%8F%E8%A7%80%E5%B8%82%E5%A0%B4%2C%E6%96%B0%E8%88%88%E5%B8%82%E5%A0%B4%2C%E7%B6%93%E6%BF%9F%E6%95%B8%E6%93%9A%E8%A1%A8%E7%8F%BE%2C%E5%AF%A6%E9%AB%94%E8%A9%9E%2C%E6%8A%95%E8%B3%87%E7%AD%96%E7%95%A5%2C%E8%A6%8B%E9%A0%82%2C%E5%88%86%E6%9E%90%E6%8C%87%E6%A8%99%2C%E5%80%BC%E5%8D%9A%E7%8E%87%2C%E8%82%A1%E7%A5%A8%2C%E6%B8%AF%E8%82%A1%2C%E6%8A%95%E8%B3%87%E7%94%A2%E5%93%81%2C%E5%95%86%E5%93%81%2C%E7%BE%8E%E8%82%A1%2C%E7%B6%93%E6%BF%9F%E6%95%B8%E6%93%9A%E5%8F%8A%E8%AA%BF%E6%9F%A5%2C%E9%80%9A%E8%84%B9%2CCPI%26video_id%3D3438013%26live%3Dfalse&vpa=auto&vpmute=0&sdkv=h.3.551.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=3502178145&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.551.0&sid=6BD605F4-2B07-4522-A1A2-5FCDFBBABDEA&nel=0&eid=44731964%2C44748969%2C44765701%2C44777649&url=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&dlt=1674020373523&idt=2589&dt=1674020376149&cookie_enabled=1&scor=2841729312691767&ged=ve4_td2_tt0_pd2_la2000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.551.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
weblog
inlog01.hket.com/inlog/log/ 		7 B
241 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inlog01.hket.com/inlog/log/weblog
Requested by
Host: static01-proxy.hket.com
URL: https://static01-proxy.hket.com/res/v3/dist/common/js/common-75028ca265.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.165 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Access-Control-Allow-Origin
https://inlog01.hket.com/inlog/log/weblog
Accept
text/html, */*; q=0.01
Referer
https://inews.hket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://inews.hket.com
Date
Wed, 18 Jan 2023 05:39:37 GMT
Access-Control-Allow-Credentials
true
Server
Apache-Coyote/1.1
Content-Length
7
Vary
Origin
Content-Type
text/html
weblog
inlog01.hket.com/inlog/log/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://inlog01.hket.com/inlog/log/weblog
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.143.30.165 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,content-type
Access-Control-Request-Method
POST
Origin
https://inews.hket.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
access-control-allow-origin, content-type
Access-Control-Allow-Methods
GET,PUT,POST
Access-Control-Allow-Origin
https://inews.hket.com
Access-Control-Max-Age
1600
Allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Content-Length
0
Date
Wed, 18 Jan 2023 05:39:37 GMT
Server
Apache-Coyote/1.1
Vary
Origin
sdk.js
connect.facebook.net/zh_HK/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23aba93a57ec8a4e277062af494f64d3a5bb85321a1fa060af94377c03ef7c71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Jan 2023 05:39:37 GMT
content-md5
so4EnfiX8h3fGZy3ICD67w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
x-fb-rlafr
0
x-fb-debug
kCGKSdvDHKfYDABQX19BDxVU4PJVv2qk+iyrNatUvOUl9lfnaxW7EL3iOQEuy6uEWm5CnN/LeIIz2H3zo6CmFA==
x-fb-trip-id
2050670934
x-fb-content-md5
a577d25ae13a7ca263f123d62fe4e244
cross-origin-opener-policy
same-origin-allow-popups
etag
"f5bc4699a8a35ca14647ca43af039969"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 18 Jan 2023 05:53:21 GMT
gtm.js
www.googletagmanager.com/ 		517 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5852f2c7092bd92c4b0cae00fca6d8f08e2e13b33fd60f742e9751c77e4c1752
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
124408
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Jan 2023 05:39:37 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		713 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2512665111444734&correlator=2190041109963300&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fifs&iu_parts=183518426%2Chket2_webrp_inewsdetail_stickytop&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x160%7C970x90%7C970x250%7C728x90&ifi=1&adks=1989716805&didk=2998157634&sfv=1-0-40&eri=1&cust_params=article_id%3D3438925%26section_id%3D008010006%26adhoc_tag%3D%25E7%25BE%258E%25E8%2582%25A1%25E7%2584%25A6%25E9%25BB%259E%26contenttag_id%3D11691%252C2159%252C1128%252C26%26stock_id%3D%26keyword%3D%25E5%2593%25A1%25E5%25B7%25A5%252C%25E5%25B9%25B3%25E5%258F%25B0%252C%25E8%25B2%25A8%25E5%25B9%25A3%252C%25E5%25B8%2582%25E5%25A0%25B4%252C%25E8%25A8%2588%25E5%258A%2583%252C%25E7%25BE%258E%25E8%2582%25A1%252C%25E6%25A5%25AD%25E7%2595%258C%252C%25E8%25A1%258C%25E6%25A5%25AD%252C%25E7%2594%25A8%25E6%2588%25B6%252C%25E5%25AD%25A3%25E5%25BA%25A6%252C%25E4%25BA%25A4%25E6%2598%2593%252C%25E8%25B2%25BB%25E7%2594%25A8%252C%25E9%2596%258B%25E6%2594%25AF%252C%25E5%25AE%2589%25E6%259F%258F%252C%25E9%2587%2591%25E8%259E%258D%252C%25E9%259B%25B7%25E5%25BF%2597%25E6%25B5%25B7%252C%25E7%25B6%2593%25E6%25BF%259F%252C%25E6%2596%25B0%25E8%2581%259E%252C%25E7%2584%25A6%25E9%25BB%259E%252C%25E8%25B2%25A1%25E6%2599%25BA%252C%25E7%25BE%258E%25E5%259C%258B%252C%25E6%2581%25AF%25E5%258F%25A3%252C%25E8%25A1%258C%25E6%2594%25BF%252C%25E7%25B8%25BD%25E8%25A3%2581%252C%25E5%2585%25AC%25E5%258F%25B8%252C%25E9%259B%2586%25E5%259C%2598%252C%25E8%25B3%2587%25E7%2594%25A2%252C%25E6%2583%2585%25E7%25B7%2592%252C%25E9%25A0%2585%25E7%259B%25AE%252C%25E4%25BC%2581%25E6%25A5%25AD%26inskin_yes%3Dtrue%26show_skyscraper%3Dfalse%26visitor_key%3DBeforeLogin%26section%3D%25E5%258D%25B3%25E5%25B8%2582%25E8%25B2%25A1%25E7%25B6%2593%252CHot%2520Talk%26formal_tag%3D%25E6%258A%2595%25E8%25B3%2587%252C%25E6%258A%2595%25E8%25B3%2587%25E7%2594%25A2%25E5%2593%2581%252C%25E8%2599%259B%25E6%2593%25AC%25E8%25B2%25A8%25E5%25B9%25A3%252C%25E8%2582%25A1%25E7%25A5%25A8%252C%25E7%25BE%258E%25E8%2582%25A1%252C%25E8%2581%25B7%25E5%25A0%25B4%252C%25E8%25A1%258C%25E6%2594%25BF%25E7%25AE%25A1%25E7%2590%2586%252C%25E8%25A3%2581%25E5%2593%25A1%252C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%252C%25E5%25A4%2596%25E6%25BB%2599%25E8%25B2%25A8%25E5%25B9%25A3%252C%25E7%25BE%258E%25E5%2585%2583%26district%3D&sc=1&cookie_enabled=1&abxe=1&dt=1674020377356&lmt=1674020377&dlt=1674020373523&idt=1888&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&frm=20&vis=1&psz=0x20&msz=0x0&fws=128&ohw=0&ga_vid=383476091.1674020377&ga_sid=1674020377&ga_hid=841911941&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
31f156db29bc341d3ac71ffb27acc694482e3246d062b6ee74782b2a0514c519
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
382
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://inews.hket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
168365d0bb98b9bddebae0e9ba4cfb3bbfb42d387cc452a4899ff01a47b0e868
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11057
x-xss-protection
0
container.html
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 167C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:37 GMT
expires
Thu, 18 Jan 2024 05:39:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
connect.facebook.net/zh_HK/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js?hash=443160bd3a02ab2c5b66f6fba3dac85e
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
600e39b64933dc44a03fab891f3979d6058caa1de3b00bc4fdc121aa9e2737e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://inews.hket.com/
Origin
https://inews.hket.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Jan 2023 05:39:37 GMT
content-md5
A1C+DojqfgKB/gptB8xuzQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88589
x-fb-rlafr
0
x-fb-debug
pkukpuxfXDou1koGDbgmlEzl7OGf8WQP3PJb07Ok7kywK5YhEvlbZ5a70RHGT7ymeRLMTCuPHnasY4sHwtOVWA==
x-fb-content-md5
5c93e66098c2d76a3c8b0c1643f8915a
cross-origin-opener-policy
same-origin-allow-popups
etag
"54f9b0998f075e29d5516610e456dcbb"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Wed, 17 Jan 2024 22:14:15 GMT
like.php
www.facebook.com/v2.8/plugins/ Frame 55D2 		45 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ca0aa62ca5cc%26domain%3Dinews.hket.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Finews.hket.com%252Ff21b31c8374222%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%2F%25E3%2580%2590%25E5%258A%25A0%25E5%25AF%2586%25E8%25B2%25A8%25E5%25B9%25A3%25E3%2580%2591Coinbase%25E6%2593%25AC%25E5%2586%258D%25E8%25A3%2581%25E5%2593%25A1%25E5%2585%25A9%25E6%2588%2590%25E3%2580%2580%25E6%25B6%2589%25E7%25B4%2584950%25E4%25BA%25BA&layout=button_count&locale=zh_HK&sdk=joey&share=false&show_faces=false&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=443160bd3a02ab2c5b66f6fba3dac85e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f222874d6d14a9cbf8adc5b1cd25424f0e41ef61e7dbfd2e060aa42c1486fd39
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 18 Jan 2023 05:39:37 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v9.0
origin-agent-cluster
?0
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
uDacmS5uPFWAFx09pX+BZPFHmiwe4ALg2uzDr2JmlHlV4QB7jDEeWEJoGRitV7TclEwhgFURxYneA0C+odpI4A==
x-fb-rlafr
0
x-xss-protection
0
like.php
www.facebook.com/v2.8/plugins/ Frame 5E81 		35 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b93c92a67f84%26domain%3Dinews.hket.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Finews.hket.com%252Ff21b31c8374222%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fhketpage&layout=button_count&locale=zh_HK&sdk=joey&share=false&show_faces=false&width=90
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=443160bd3a02ab2c5b66f6fba3dac85e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
44ce63bfabae9c230c65b20616e6884c681e5c526eb9d60bac1acdc43f3e8160
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Wed, 18 Jan 2023 05:39:37 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v9.0
origin-agent-cluster
?0
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
gq/WRFeRqHVJe/456/DbNu0cYApA5dJ2lhPeVXS47dDJos+7HZ2vMIjc4NjYZRKA/PXwE7DzDmebx9e2w6QfjQ==
x-fb-rlafr
0
x-xss-protection
0
hotjar-834550.js
static.hotjar.com/c/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-834550.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.23.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-23-90.bog50.r.cloudfront.net
Software
/
Resource Hash
b17be775bd4f9ab557ee65d7d9871607bde1fb2f57bef0934e5b2c68ea705f1a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:35 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 afa872536bf18addc6b9bc49f0000210.cloudfront.net (CloudFront)
x-amz-cf-pop
BOG50-P1
age
3
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/3592cdf490ef7fe89148f850088f7c7f
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
x-amz-cf-id
D94LG_z1NP47zoWEa_IQtc96TQE82Ymm1naWSH5SOQFqbuC9bn7ODA==
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Jan 2023 05:39:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27815
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
DfHoNKrbaYZZd5ryRAukReYvBj8NwpLrIO79nPVmdtOCce/j9aNQv5lzAw9uBhovKSJVmpHGKqhF/xsucidWHg==
x-fb-trip-id
2050670934
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
b
sb.scorecardresearch.com/ 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=17708049&ns__t=1674020377472&ns_c=UTF-8&c8=%E3%80%90%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E3%80%91Coinbase%E6%93%AC%E5%86%8D%E8%A3%81%E5%93%A1%E5%85%A9%E6%88%90%E3%80%80%E6%B6%89%E7%B4%84950%E4%BA%BA%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20-%20%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%E9%A0%BB%E9%81%93%20-%20%E5%8D%B3%E5%B8%82%E8%B2%A1%E7%B6%93%20-%20Hot%20Talk%20-%20D230110&c7=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
EpGBHC0jwaf2IbmJeIq9SJ85H5YZS3fUrS4P8yZCei63BIPwV258AA==
x-cache
Miss from cloudfront
id.do
viselb01.hket.com/ajax/get/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://viselb01.hket.com/ajax/get/id.do
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-114.vie50.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin
Access-Control-Request-Method
POST
Origin
https://inews.hket.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization, Access-Control-Allow-Origin, aisid
access-control-allow-methods
OPTIONS,POST,GET
access-control-allow-origin
https://inews.hket.com
content-length
0
content-type
application/json
date
Wed, 18 Jan 2023 05:39:38 GMT
via
1.1 7c17b3af9cda4d5f0ff45961b7be9fdc.cloudfront.net (CloudFront)
x-amz-apigw-id
e7HkHFg8HUYFgkA=
x-amz-cf-id
U5PA0RpJb4VribWzol-PY5AC4BLbcwWgrxWekBjaZpH7yMbl7xl-zQ==
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
4faf94a9-7557-41eb-815f-1b5d618e6778
x-amzn-trace-id
Root=1-63c7861a-1250729d7a573e054734cfe3;Sampled=0
x-cache
Miss from cloudfront
destination
www.googletagmanager.com/gtag/ 		192 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-FW085S0G3K&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
047a6e554be18f88c8362e0aa1524b9adcd6c24a1e1c8a0d665c343c8f66b5fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69596
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 18 Jan 2023 05:39:37 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 18 Jan 2023 04:21:53 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
4664
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 18 Jan 2023 06:21:53 GMT
SaveControl
plus.hket.com/anonymous_identity/ 		0
0
id.do
viselb01.hket.com/ajax/get/ 		36 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://viselb01.hket.com/ajax/get/id.do
Requested by
Host: static01-proxy.hket.com
URL: https://static01-proxy.hket.com/res/v3/dist/common/js/common-75028ca265.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.240.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-240-114.vie50.r.cloudfront.net
Software
/
Resource Hash
fd2470950d6eeb8e50c84405c3cc2597dadebabe7c2019ec572fc651beb42aa3

Request headers

Access-Control-Allow-Origin
https://viselb01.hket.com/ajax/get/id.do
Accept
text/html, */*; q=0.01
Referer
https://inews.hket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
via
1.1 c2756f406c0dc2bb176f6e2181d7607e.cloudfront.net (CloudFront)
origin
https://inews.hket.com
x-amz-cf-pop
VIE50-C1
x-amzn-requestid
48979a2f-bceb-4bcb-8f66-252fdb10e450
x-amzn-trace-id
Root=1-63c7861a-47b0b8fe7207908a347aa5e2;Sampled=0
access-control-allow-methods
OPTIONS,POST,GET
content-type
text/html
access-control-allow-origin
https://inews.hket.com
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-amz-apigw-id
e7HkNGHzHUYFgcg=
content-length
36
x-amz-cf-id
RN_QzZ75pCfambLu_QmKornJFwCSO-rRuiuExSCdgxedUruOFQfJ-g==
access-control-allow-headers
*
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:37 GMT
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/17708049/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
359 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
143.204.215.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-7.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:25:08 GMT
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
last-modified
Mon, 01 Mar 2021 20:42:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
870
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
0
x-amz-cf-id
E1vhmwNgScM52LzK4fKy_ZBTJX80Y9fHcndnxOCLxPx1KJolbvN_tw==

Redirect headers

location
/internal-c2/default/cs.js
date
Wed, 18 Jan 2023 05:39:37 GMT
via
1.1 f960fa0538fdb326fc338e984fa7ece8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
content-length
0
x-amz-cf-id
ji6AAUzwO647BlusbIsp9Ul1K1T2fGL5tKD36ddiawfPmX0vMdrchg==
x-cache
Miss from cloudfront
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 5E81 		299 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b93c92a67f84%26domain%3Dinews.hket.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Finews.hket.com%252Ff21b31c8374222%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fhketpage&layout=button_count&locale=zh_HK&sdk=joey&share=false&show_faces=false&width=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
C7b01MRnIOsNZZ61FKamVEiyd7xZbwjlCl6QOI44UMiLzb2W3xD0namhQBBz9Rs3WyJSJWDz0Me8nBhaHGLNOg==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 08 Jan 2024 07:02:53 GMT
hHysURDxI9X.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yi/l/zh_HK/ Frame 5E81 		525 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yi/l/zh_HK/hHysURDxI9X.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df13b93c92a67f84%26domain%3Dinews.hket.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Finews.hket.com%252Ff21b31c8374222%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fwww.facebook.com%2Fhketpage&layout=button_count&locale=zh_HK&sdk=joey&share=false&show_faces=false&width=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8547d8c362cb1ff8e66f2aa33fe6797fafdda2fece2a8f63db602dd0525af9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
W1tfOGJI6+IBjXph/yvJHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
138187
x-fb-rlafr
0
x-fb-debug
TXuaJp+CTk1Ly9S+kbxypzJBOSn8tpAnQtVQxmW80PKKlVpLN6qp3F2u/Gy4P1Doh2Z/ZsLTpNLpYASKTvUHnw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 13 Jan 2024 02:35:43 GMT
1239415992893153
connect.facebook.net/signals/config/ 		376 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1239415992893153?v=2.9.92&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c98cf17b8ba96caea0ac708c699d34a4d0de7d9ae8f434d69b04eb4e754eebd0
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Jan 2023 05:39:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
V4WYrtlgg8FOqEppT7pT8+51uymIqgDFTgX/POmCfFA7F6nE/cL16R2kv1ET0AozDFtv7O9jWK8zC1G+HQQYrw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1A4B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
24413
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 22:52:44 GMT
expires
Wed, 17 Jan 2024 22:52:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame EDBD 		783 B
960 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bed71600978f9e4ab1348d53a31cafab200245dd08441eb2a553ad8b4d5992c5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-_1jA2kQVkdYgr3THULCe1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-_1jA2kQVkdYgr3THULCe1A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:37 GMT
expires
Wed, 18 Jan 2023 05:39:37 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
346 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-FW085S0G3K&gtm=2oe1a1&_p=841911941&cid=383476091.1674020377&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dl=inews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&sid=1674020377&sct=1&seg=0&dt=%E3%80%90%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E3%80%91Coinbase%E6%93%AC%E5%86%8D%E8%A3%81%E5%93%A1%E5%85%A9%E6%88%90%E3%80%80%E6%B6%89%E7%B4%84950%E4%BA%BA%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20-%20%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%E9%A0%BB%E9%81%93%20-%20%E5%8D%B3%E5%B8%82%E8%B2%A1%E7%B6%93%20-%20Hot%20Talk%20-%20D230110&uid=&en=page_view&_fv=1&_ss=1&ep.formal_tags=%E8%99%9B%E6%93%AC%E8%B2%A8%E5%B9%A3%7C%E7%BE%8E%E8%82%A1%7C%E8%A3%81%E5%93%A1%7C%E7%BE%8E%E5%85%83&ep.plus_id=&ep.page_param=r%3Dcpsdlc&ep.page_domain=inews.hket.com&ep.aisid=&ep.tracking_user_id=
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-FW085S0G3K&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:37 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://inews.hket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
144 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=841911941&t=pageview&_s=1&dl=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&dp=%2Farticle%2F3438925%3Fr%3Dcpsdlc&ul=en-us&de=UTF-8&dt=%E3%80%90%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E3%80%91Coinbase%E6%93%AC%E5%86%8D%E8%A3%81%E5%93%A1%E5%85%A9%E6%88%90%E3%80%80%E6%B6%89%E7%B4%84950%E4%BA%BA%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20-%20%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%E9%A0%BB%E9%81%93%20-%20%E5%8D%B3%E5%B8%82%E8%B2%A1%E7%B6%93%20-%20Hot%20Talk%20-%20D230110&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACACI~&jid=88919420&gjid=1996908038&cid=383476091.1674020377&tid=UA-5159780-1&_gid=2146965406.1674020378&_r=1&gtm=2wg1a1WX5N6M&cd1=Anonymous&cd2=No%20record&cd3=No%20record&cd4=No%20record&cd5=unknown&cd7=1600x1200&z=1146907934
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inews.hket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://inews.hket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=841911941&t=pageview&_s=1&dl=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&dp=%2Farticle%2F3438925%3Fr%3Dcpsdlc&ul=en-us&de=UTF-8&dt=%E3%80%90%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E3%80%91Coinbase%E6%93%AC%E5%86%8D%E8%A3%81%E5%93%A1%E5%85%A9%E6%88%90%E3%80%80%E6%B6%89%E7%B4%84950%E4%BA%BA%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20-%20%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%E9%A0%BB%E9%81%93%20-%20%E5%8D%B3%E5%B8%82%E8%B2%A1%E7%B6%93%20-%20Hot%20Talk%20-%20D230110&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACACI~&jid=2059462083&gjid=910011956&cid=383476091.1674020377&tid=UA-5159780-34&_gid=2146965406.1674020378&_r=1&gtm=2wg1a1WX5N6M&cd1=Anonymous&cd2=No%20record&cd3=No%20record&cd4=No%20record&cd5=unknown&z=1297222018
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://inews.hket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://inews.hket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=841911941&t=event&ni=0&_s=1&dl=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&ul=en-us&de=UTF-8&dt=%E3%80%90%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E3%80%91Coinbase%E6%93%AC%E5%86%8D%E8%A3%81%E5%93%A1%E5%85%A9%E6%88%90%E3%80%80%E6%B6%89%E7%B4%84950%E4%BA%BA%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20-%20%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%E9%A0%BB%E9%81%93%20-%20%E5%8D%B3%E5%B8%82%E8%B2%A1%E7%B6%93%20-%20Hot%20Talk%20-%20D230110&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Infinite%20Scroll%20-%20Article&ea=Expanded%20article&el=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&_u=YADAAEABAAAAACACI~&jid=&gjid=&cid=383476091.1674020377&tid=UA-5159780-1&_gid=2146965406.1674020378&gtm=2wg1a1WX5N6M&z=28070498
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Jan 2023 18:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41526
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=841911941&t=event&ni=0&_s=1&dl=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&dp=%2Farticle%2F3438925%3Fr%3Dcpsdlc&ul=en-us&de=UTF-8&dt=%E3%80%90%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E3%80%91Coinbase%E6%93%AC%E5%86%8D%E8%A3%81%E5%93%A1%E5%85%A9%E6%88%90%E3%80%80%E6%B6%89%E7%B4%84950%E4%BA%BA%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20-%20%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%E9%A0%BB%E9%81%93%20-%20%E5%8D%B3%E5%B8%82%E8%B2%A1%E7%B6%93%20-%20Hot%20Talk%20-%20D230110&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Farticle%2F3438925%3Fr%3Dcpsdlc&el=10%25&_u=YADAAEABAAAAACACI~&jid=&gjid=&cid=383476091.1674020377&tid=UA-5159780-1&_gid=2146965406.1674020378&gtm=2wg1a1WX5N6M&z=1538624430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Jan 2023 18:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41526
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=841911941&t=event&ni=0&_s=1&dl=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&dp=%2Farticle%2F3438925%3Fr%3Dcpsdlc&ul=en-us&de=UTF-8&dt=%E3%80%90%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E3%80%91Coinbase%E6%93%AC%E5%86%8D%E8%A3%81%E5%93%A1%E5%85%A9%E6%88%90%E3%80%80%E6%B6%89%E7%B4%84950%E4%BA%BA%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20-%20%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%E9%A0%BB%E9%81%93%20-%20%E5%8D%B3%E5%B8%82%E8%B2%A1%E7%B6%93%20-%20Hot%20Talk%20-%20D230110&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Farticle%2F3438925%3Fr%3Dcpsdlc&el=20%25&_u=YADAAEABAAAAACACI~&jid=&gjid=&cid=383476091.1674020377&tid=UA-5159780-1&_gid=2146965406.1674020378&gtm=2wg1a1WX5N6M&z=1575038868
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Jan 2023 18:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41526
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=841911941&t=event&ni=0&_s=1&dl=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&dp=%2Farticle%2F3438925%3Fr%3Dcpsdlc&ul=en-us&de=UTF-8&dt=%E3%80%90%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E3%80%91Coinbase%E6%93%AC%E5%86%8D%E8%A3%81%E5%93%A1%E5%85%A9%E6%88%90%E3%80%80%E6%B6%89%E7%B4%84950%E4%BA%BA%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20-%20%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%E9%A0%BB%E9%81%93%20-%20%E5%8D%B3%E5%B8%82%E8%B2%A1%E7%B6%93%20-%20Hot%20Talk%20-%20D230110&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Farticle%2F3438925%3Fr%3Dcpsdlc&el=30%25&_u=YADAAEABAAAAACACI~&jid=&gjid=&cid=383476091.1674020377&tid=UA-5159780-1&_gid=2146965406.1674020378&gtm=2wg1a1WX5N6M&z=1992937917
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Jan 2023 18:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41526
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=841911941&t=event&ni=0&_s=1&dl=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&dp=%2Farticle%2F3438925%3Fr%3Dcpsdlc&ul=en-us&de=UTF-8&dt=%E3%80%90%E5%8A%A0%E5%AF%86%E8%B2%A8%E5%B9%A3%E3%80%91Coinbase%E6%93%AC%E5%86%8D%E8%A3%81%E5%93%A1%E5%85%A9%E6%88%90%E3%80%80%E6%B6%89%E7%B4%84950%E4%BA%BA%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20-%20%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%E9%A0%BB%E9%81%93%20-%20%E5%8D%B3%E5%B8%82%E8%B2%A1%E7%B6%93%20-%20Hot%20Talk%20-%20D230110&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2Farticle%2F3438925%3Fr%3Dcpsdlc&el=40%25&_u=YADAAEABAAAAACACI~&jid=&gjid=&cid=383476091.1674020377&tid=UA-5159780-1&_gid=2146965406.1674020378&gtm=2wg1a1WX5N6M&z=411252723
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 17 Jan 2023 18:07:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
41526
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame EDBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011001&jk=2512665111444734&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame 1A4B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 17:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45550
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 17:00:27 GMT
1834290790049148
connect.facebook.net/signals/config/ 		376 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1834290790049148?v=2.9.92&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9815c8482429960d87a5462c9a314f5b90f2e61a863bf0c0acacdad98ba29419
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 18 Jan 2023 05:39:37 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
1EL9bjKdsVTGcB0kSutz0nbs4amOpzPXc918fEI6MOquvjSrD5yLxVV/Zwb5dlp8Wdi/g7NlIYaUc3G+lEohZg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1239415992893153&ev=PageView&dl=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&rl=&if=false&ts=1674020377684&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674020377683.1218425194&it=1674020377567&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Jan 2023 05:39:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
stats.g.doubleclick.net/j/ 		1 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5159780-1&cid=383476091.1674020377&jid=88919420&gjid=1996908038&_gid=2146965406.1674020378&_u=YADAAEAAAAAAACACI~&z=1315874936
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://inews.hket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 18 Jan 2023 05:39:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://inews.hket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-5159780-34&cid=383476091.1674020377&jid=2059462083&gjid=910011956&_gid=2146965406.1674020378&_u=YADAAEABAAAAACACI~&z=368321714
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://inews.hket.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 18 Jan 2023 05:39:37 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://inews.hket.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 55D2 		299 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ca0aa62ca5cc%26domain%3Dinews.hket.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Finews.hket.com%252Ff21b31c8374222%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%2F%25E3%2580%2590%25E5%258A%25A0%25E5%25AF%2586%25E8%25B2%25A8%25E5%25B9%25A3%25E3%2580%2591Coinbase%25E6%2593%25AC%25E5%2586%258D%25E8%25A3%2581%25E5%2593%25A1%25E5%2585%25A9%25E6%2588%2590%25E3%2580%2580%25E6%25B6%2589%25E7%25B4%2584950%25E4%25BA%25BA&layout=button_count&locale=zh_HK&sdk=joey&share=false&show_faces=false&width=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-rlafr
0
x-fb-debug
C7b01MRnIOsNZZ61FKamVEiyd7xZbwjlCl6QOI44UMiLzb2W3xD0namhQBBz9Rs3WyJSJWDz0Me8nBhaHGLNOg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Mon, 08 Jan 2024 07:02:53 GMT
hHysURDxI9X.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yi/l/zh_HK/ Frame 55D2 		525 KB
135 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yi/l/zh_HK/hHysURDxI9X.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.8/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df12ca0aa62ca5cc%26domain%3Dinews.hket.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Finews.hket.com%252Ff21b31c8374222%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%2F%25E3%2580%2590%25E5%258A%25A0%25E5%25AF%2586%25E8%25B2%25A8%25E5%25B9%25A3%25E3%2580%2591Coinbase%25E6%2593%25AC%25E5%2586%258D%25E8%25A3%2581%25E5%2593%25A1%25E5%2585%25A9%25E6%2588%2590%25E3%2580%2580%25E6%25B6%2589%25E7%25B4%2584950%25E4%25BA%25BA&layout=button_count&locale=zh_HK&sdk=joey&share=false&show_faces=false&width=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e8547d8c362cb1ff8e66f2aa33fe6797fafdda2fece2a8f63db602dd0525af9e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
W1tfOGJI6+IBjXph/yvJHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
138187
x-fb-rlafr
0
x-fb-debug
TXuaJp+CTk1Ly9S+kbxypzJBOSn8tpAnQtVQxmW80PKKlVpLN6qp3F2u/Gy4P1Doh2Z/ZsLTpNLpYASKTvUHnw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 13 Jan 2024 02:35:43 GMT
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1834290790049148&ev=PageView&dl=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&rl=&if=false&ts=1674020377777&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674020377683.1218425194&it=1674020377567&coo=false&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 18 Jan 2023 05:39:37 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		397 KB
78 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2512665111444734&correlator=1423102773688668&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fifs&iu_parts=183518426%2CHKET2_WebRP_iNewsDetail_LightboxFlip%2Chket2_WebRP_InewsDetail_Fixed01%2Chket2_WebRP_InewsDetail_Fixed03%2Chket2_WebRP_InewsDetail_Fixed04%2Chket2_WebRP_InewsDetail_Fixed05%2Chket2_WebRP_InewsDetail_MobileInArticle%2Chket2_WebRP_InewsDetail_Special%2CHKET2_WebRP_iNews_Splash%2CHKET2_WebRP_iNewsDetail_Native01%2CHKET2_WebRP_iNewsDetail_Native02%2CHKET2_WebRP_iNewsDetail_Native03%2CHKET2_WebRP_iNewsDetail_Lightbox&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2C%2F0%2F12&prev_iu_szs=300x250%2C1x1%7C728x90%7C970x90%7C970x160%7C970x250%7C990x200%7C1320x160%7C1320x250%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%2C728x90%2C1x1%2C1x1%2C320x50%7C1x1%2C320x50%7C1x1%2C320x50%7C1x1%2C320x50%7C320x100%7C728x90&fluid=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2Cheight%2Cheight%2Cheight%2C0&ifi=2&adks=3922122517%2C3110530066%2C2412761339%2C2331083568%2C3304711085%2C880595465%2C754225060%2C2819305019%2C4026233355%2C1573333421%2C175545058%2C4286905472&didk=2899444577~2709969705~2709969707~2709969706~2709969701~1113243039~4194824220~1543559186~440426657~440426662~440426663~248489146&sfv=1-0-40&ists=16&eri=1&cust_params=article_id%3D3438925%26section_id%3D008010006%26adhoc_tag%3D%25E7%25BE%258E%25E8%2582%25A1%25E7%2584%25A6%25E9%25BB%259E%26contenttag_id%3D11691%252C2159%252C1128%252C26%26stock_id%3D%26keyword%3D%25E5%2593%25A1%25E5%25B7%25A5%252C%25E5%25B9%25B3%25E5%258F%25B0%252C%25E8%25B2%25A8%25E5%25B9%25A3%252C%25E5%25B8%2582%25E5%25A0%25B4%252C%25E8%25A8%2588%25E5%258A%2583%252C%25E7%25BE%258E%25E8%2582%25A1%252C%25E6%25A5%25AD%25E7%2595%258C%252C%25E8%25A1%258C%25E6%25A5%25AD%252C%25E7%2594%25A8%25E6%2588%25B6%252C%25E5%25AD%25A3%25E5%25BA%25A6%252C%25E4%25BA%25A4%25E6%2598%2593%252C%25E8%25B2%25BB%25E7%2594%25A8%252C%25E9%2596%258B%25E6%2594%25AF%252C%25E5%25AE%2589%25E6%259F%258F%252C%25E9%2587%2591%25E8%259E%258D%252C%25E9%259B%25B7%25E5%25BF%2597%25E6%25B5%25B7%252C%25E7%25B6%2593%25E6%25BF%259F%252C%25E6%2596%25B0%25E8%2581%259E%252C%25E7%2584%25A6%25E9%25BB%259E%252C%25E8%25B2%25A1%25E6%2599%25BA%252C%25E7%25BE%258E%25E5%259C%258B%252C%25E6%2581%25AF%25E5%258F%25A3%252C%25E8%25A1%258C%25E6%2594%25BF%252C%25E7%25B8%25BD%25E8%25A3%2581%252C%25E5%2585%25AC%25E5%258F%25B8%252C%25E9%259B%2586%25E5%259C%2598%252C%25E8%25B3%2587%25E7%2594%25A2%252C%25E6%2583%2585%25E7%25B7%2592%252C%25E9%25A0%2585%25E7%259B%25AE%252C%25E4%25BC%2581%25E6%25A5%25AD%26inskin_yes%3Dtrue%26show_skyscraper%3Dfalse%26visitor_key%3DBeforeLogin%26section%3D%25E5%258D%25B3%25E5%25B8%2582%25E8%25B2%25A1%25E7%25B6%2593%252CHot%2520Talk%26formal_tag%3D%25E6%258A%2595%25E8%25B3%2587%252C%25E6%258A%2595%25E8%25B3%2587%25E7%2594%25A2%25E5%2593%2581%252C%25E8%2599%259B%25E6%2593%25AC%25E8%25B2%25A8%25E5%25B9%25A3%252C%25E8%2582%25A1%25E7%25A5%25A8%252C%25E7%25BE%258E%25E8%2582%25A1%252C%25E8%2581%25B7%25E5%25A0%25B4%252C%25E8%25A1%258C%25E6%2594%25BF%25E7%25AE%25A1%25E7%2590%2586%252C%25E8%25A3%2581%25E5%2593%25A1%252C%25E5%25AF%25A6%25E9%25AB%2594%25E8%25A9%259E%252C%25E5%25A4%2596%25E6%25BB%2599%25E8%25B2%25A8%25E5%25B9%25A3%252C%25E7%25BE%258E%25E5%2585%2583%26district%3D&sc=1&cookie=ID%3D3e60d30139bf569d%3AT%3D1674020377%3AS%3DALNI_Mbp2zYSQ5IdlTAKieBSTQb7F8Of7A&gpic=UID%3D00000ba4a3d57d02%3AT%3D1674020377%3ART%3D1674020377%3AS%3DALNI_Ma7GyIoHEMBuOx2sQizeZxrOzLgNg&abxe=1&dt=1674020377940&lmt=1674020377&dlt=1674020373523&idt=1888&adxs=-9%2C436%2C1160%2C-9%2C436%2C274%2C125%2C125%2C140%2C140%2C140%2C-12245933&adys=-9%2C60%2C194%2C-9%2C2692%2C1324%2C55%2C209%2C2400%2C2400%2C2400%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C0%7C-1%7C1%7C2%7C0%7C0%7C3%7C4%7C5%7C-1&ucis=2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&frm=20&vis=1&psz=0x-1%7C1320x0%7C300x817%7C0x-1%7C1320x2482%7C965x1375%7C1320x0%7C1350x2497%7C965x2158%7C965x2158%7C965x2158%7C0x-1&msz=0x-1%7C728x44%7C300x15%7C0x-1%7C728x15%7C995x15%7C0x15%7C0x1%7C0x0%7C0x0%7C0x0%7C0x-1&fws=2%2C128%2C132%2C2%2C132%2C4%2C128%2C132%2C132%2C132%2C132%2C640&ohw=0%2C0%2C1350%2C0%2C1350%2C965%2C0%2C1350%2C965%2C965%2C965%2C0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1&ga_vid=383476091.1674020377&ga_sid=1674020377&ga_hid=841911941&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7560d43acee2597d64340cb009a174d404e1b500cd50c78b8494f4703748c582
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
79627
x-xss-protection
0
google-lineitem-id
6193976635,-1,-1,-1,6180399514,-1,5939062297,-2,5905573403,-2,5697054628,-1
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138418673180,-1,-1,-1,138416473611,-1,138383278038,-2,138399349364,-2,138350040111,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://inews.hket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 3D7D 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://inews.hket.com
Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://inews.hket.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:38 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.facebook.com/tr/ Frame 2785 		0
15 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://inews.hket.com
Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://inews.hket.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:38 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011001&jk=2512665111444734&bg=!AQKlAkbNAAYDMoyoIzI7ACkAdvg8WpuBj5w8JRGTecfsBGHx61Q9XR2_tw5HparZwJLL0ZF7S1CFbgIAAAB7UgAAAAdoAQcKAKAnYy01s-Gb265R4kP0Gzzdolr6gUg3ZBjfUV8EIQC13FGFRHuhvlq5U2d9p4HPIr8LQOMWihUBnyYPC2kYQOKJvWNRpeYjVyQHQ_G4oYtsiouZqFFo1yqxS47CJo1_k2Sxx7xGgDcc59juJUH3GnDcCqvap3BDmeHK8OJkaSuYnpaUxD5G3IxINELxJ5Fun1TSTGVlOGJHfrrFTAhFu5QImQLt8X2v_blNHxV8v-EoWU5_lDp0ARtYoc-2G7UhJ45JxgO_Ldx04TRnH_OhVe_EpxHn56zduE85D8maoGCUCggPOxI4V9wp7Tb9LkpZzONYJLtLaSeNS84Vh7fm7Gh49tJmT_UuQ7WD6Sundb4bNXsfLxj9Dz7Kg6tcX2AMiABlsrCfS-VPZ_1jNCXTOR7SdBEMDmDPDey6l1vTAJdf-Ur2V4iKLa_vH4IB88cDLYtKUTYw0uerq8RzzOvPX1bB6pUV5IPvzVDYCBrYm5QNkyWPB7bkZgafGHawkMXAnmDm29vN5Ysq0UpEOv9X4CTRbhqLNngMT2S2kWuFHsNcLkNl7EUpREcN3UwPMdVc6X7tbfeDVFZbdUDVIUHpRyLqYutGKO-Lwx5z0iapX1ckTTpPsvTvfVjtHsErpykoDuSfs6nZ93N42fAVa--YU9rnLtyEgF4mBKXGr9jtxqC5_mLvXxHpYXuAYPhopBINIIBJvSVLroKvP8lZ_zmnXGTesBGDBiKRtXEDN37oTgNa-K6YUVRxuCyFvDQUh0JCO8uuxM2iMfEtIZzyi_pvRsMp4l_RMl7cWhu19C3fSN_mckZfaTc33t7R7F4mKYQI3bT13o5bOskBeWFEUfGVY5FLZaGedUn696_l3b4KVje5XIyrm_W3QleE48QDADMGh0j6pYSFTYJLlSLnSqt60st73Mu2m5Nn03hY1MkVMyBHkKI_hrXQvpHAQdQAoLxM7YnBrQpRq0quQRAiVrrS7WUEw-lwI012RsmRz0sMzcQEWpgynyjrO_mOz22FYHOQ6c21mBl3dafiFtpfMYNNm3ARAJCIReObIy-229sBAVgU969t58TAoIEM3eeVMVFd_4IKh95fpmFT_eba5oyl41ffBokKKYj57Oke57Seb8cfMHmjxpIs_YbaHTQujqpnkeSsoGKv2B9VGHgrXLlGonXnbFZMhrSgPxmKo0s3FjSwcjeyAmYm-VfO0y8URMZSF3Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
modules.5bc662be9faceb9038da.js
script.hotjar.com/ 		265 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5bc662be9faceb9038da.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-834550.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-13.fra56.r.cloudfront.net
Software
/
Resource Hash
c88797fe877f620ae2963c981693d3f3f5ce6aed03f79bc13f05f3f21b0249f7
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 10:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 4360596ad590d8363ce70eb7bf282e42.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3
age
68853
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
68986
last-modified
Tue, 17 Jan 2023 10:31:25 GMT
etag
"80bbbdc2c462ad6e55b13b4def9dd8de"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
mtkD5mxOaZxHFM9xyU3jtj21mm10FqNQAWqtYZrgtZGdFHVxUHdrEw==
box-5e66f98b4ee957db209dc6f63e3d59dd.html
vars.hotjar.com/ Frame 14C6 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-5e66f98b4ee957db209dc6f63e3d59dd.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-834550.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-65.fra53.r.cloudfront.net
Software
/
Resource Hash
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3977856
cache-control
max-age=31536000
content-encoding
br
content-length
1035
content-type
text/html
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 03 Dec 2022 04:42:02 GMT
etag
"e0652b84b7b3b650769c759fc520c3f8"
last-modified
Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security
max-age=2592000; includeSubDomains
vary
Accept-Encoding
via
1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-id
1AgpzeDpZpaqnq5NOlxyUx1ONjMkY5EG7az_BKdluGkX5naiQrR3iQ==
x-amz-cf-pop
FRA53-C1
x-cache
Hit from cloudfront
x-robots-tag
none
container.html
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3778 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:37 GMT
expires
Thu, 18 Jan 2024 05:39:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 06A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss3pfMT4ZeDUCMe0EQezX0_jeAYlwFrs72j_YRPZ6wj2Hqy4pliSGAEgxEdwwvESB0rXUO7D2PJZuR-vw8u0g9dblIM87z1fE1w-UaH8JgoWPIXZm_tJfDjXl3qYxHWqvLoS2BCtJ3WA_GxFtcHEIlov_8vyJltVNW-raxpwmgiQk_QihN9SMFmQSOrrTRT69jq-EbRaqwhULkWR5CIRh9PP7lmuH_n3SA-amSWhEBeKoSuxgCj5K6S6Z5YJRU4CB1ZiS2r4cWtR0W7yMJvlaTVQr4N7GPyula1X87cvjMRLK_3tT5KyiDmdAPpO0wo4v5kJ_oUsvsqznEAkB32k-ZdXFOA7a32&sai=AMfl-YTHH4zGcJPDUzQQFzsww5WMW3kNu5zSCdeqMJvWc17Zztnpm6YzrB7w5C5TBzInmCY5h_8OT2K02mByCu5LtuUxTY72onm_Hrx1f-gHNeQEEQ_uAuedU2WCscn9qDTM&sig=Cg0ArKJSzEjpUm_vTY_aEAE&uach_m=[UACH]&adurl=
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 06A2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
34092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 20:11:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 06A2 		157 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:38 GMT
17681178244832635361
tpc.googlesyndication.com/simgad/ Frame 06A2 		56 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17681178244832635361
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a92688eb1a244a52a91bee325394d97216716299f7a60ac8d9be2e40ddc5854b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 17:18:49 GMT
x-content-type-options
nosniff
age
44449
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57405
x-xss-protection
0
last-modified
Wed, 14 Dec 2022 02:05:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 17 Jan 2024 17:18:49 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C6DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsDhntgcKvf-yO15Mv6H7Av8lhZ7jsiYmrJi6fp3Fdvh-XFqXTfAnJOPAV9AtX0Sg-W-UGWqCciG8Oulf2BrVpwxTpuYl7OZQm8kksbHTb4rEPPcw7I7DsLKQnYCapcfKS9bZqH4Ja9PTXm8gzyVpRR61QRLDpe6820axAE5yU9IxjQvV1B-FmLt4mzDqC3b1_sHeN6IAD_ZtWmjZMpzG9tfBbQsIMokmxam2E3errsGBXz4Ck0a3F3HecaTvUNaQEUmcjt890Z0ZpARx3WIuDqFleCvTZu08KFGi2O0_gDXDgYKdLJgsWP7mS-dzgjyUww0MgzCeqQUfwDW9aCAoeI3LF-hm9Nw&sai=AMfl-YTQWTwPOWURAKhvRKrVrDa-d8MV-2gpIPyGss7fYHTSxmEvbF5hpN27hx8NGxMsfpD_qPKuPxlZURTjcJ7VMflhXuXESd3xL8YbJauMXpm4Xk1oJzF3b-p-tt0tPN-a&sig=Cg0ArKJSzFnSFTX3mjbZEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
tag_fe55081e-be50-473d-8f11-22935e7a7a9a.js
sm1.selectmedia.asia/cdn/tags/ Frame C6DB 		36 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sm1.selectmedia.asia/cdn/tags/tag_fe55081e-be50-473d-8f11-22935e7a7a9a.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a252f82913b2a56fd3c3895ae50a646f93c7aae48b8fe90316cb4e5b1e12e6bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:36:44 GMT
age
174
x-guploader-uploadid
ADPycdsrQF7xLCl-crD_JBUB1tA_JZ88djf8Gp7G-sgo-t3bvqclVFkUPEEMVbHAMmc96oc2_zCtvz6q4KEaR-cxp5GJQdgc7Rti
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36732
last-modified
Mon, 09 Jan 2023 13:09:31 GMT
server
UploadServer
etag
"97c00c6920aba4460e8fe4b0843a4b8c"
x-goog-generation
1673269771025451
x-goog-hash
crc32c=SVdy1g==, md5=l8AMaSCrpEYOj+SwhDpLjA==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
36732
accept-ranges
bytes
content-type
text/javascript;charset=UTF-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C6DB 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DFCF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv_kxNHV7_jHAaM4TxYqAzjWh23vgfxq-t_GdY1MJAuW8VVvytwxskn_DfR64zONQiZ-h6JNmm9--8slgVeYtScIZ-zssHvWCFs4sOspPU9hg45HUY_psChgdi7ShjIaf89AijJd5vBwu9rNUZfni8qAfCf1wF-DG1x6LBoze6CLCoF2rAMRF7LfSYOnOoo54u0ypNKUwGDGtCv_SDWY1HRoD_oogNPz8Ak-4RRfONNjC7fIZM7j2KvPgXdwCk82n8FxFzEN7_YLj9gjMlYj7YTpoyIKXcvckUPvX2guADqWl1cabicQdoj9yfKqz4OIrohBmCTwug6o9yPfyasbzdXD38n2Yac&sai=AMfl-YSKIOi1dfCK8b43n5B8sncVcYGx9NY9ODxzddPsMdzIcOn-W_HwvoX0y045wnPFTy8LFZZ45fPvzuy9-V4hqyfnbXeFLwjFYro3Wc5hhC8HS2rF6JT6geY45ae-mr-A&sig=Cg0ArKJSzN1NOSL1qTmAEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame DFCF 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8342ee2a9f9695a268adafd8c87219e4b74b60e31d232533c88f993d27faa5ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27784
x-xss-protection
0
server
sffe
etag
"1455 / 523 of 1000 / last-modified: 1673996606"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 05:39:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DFCF 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:38 GMT
container.html
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D700 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:37 GMT
expires
Thu, 18 Jan 2024 05:39:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9BDB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:37 GMT
expires
Thu, 18 Jan 2024 05:39:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 9C8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssl-nf9FzeZg-umjNc3clip45HO1KheUOWBBtrq_3XQF4P3CHTdK9-0ahKW0khCM8d0J888i3eMq2SVzZCwZZKwMvc1iX2svX2h7PnB366iSt-ZwqgmYqqDHx5s4z0jN8UCaOeYHKqf1V3yJaAJM3xw-hcA3NHv_AVuJpwGACkjU3NTNCDgXCdLse3RLBCqLnNoPvikB0N4nxJGzd-gGKGgZNPrJzRpgoUhTyL9kN2QyCbaBdvWs0-hFRbRd0JHk0IGhyKOi_wGVWvycVXRoHEMeH3ynb28H0GGQHWIoX0MYaEoXmTRe7Yhkb44p7lTazhA85-b9NCFkRtRCs3SziVhLhCKZw&sai=AMfl-YTLppDi59EhDq3r0ofw9znUGWvaEybfLZj1qARnvH4fHURwkfZIjyV-1LIYZG5fBR_SG6xbTpDJL8WPGXpOEmdncxMQ4syBqIhAJD2B1KorSjB1EBdjkvLsm5UCzCMV&sig=Cg0ArKJSzOD95K5kQ8LVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9C8E 		81 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
daf8261e9896ce069e367b1a64b35b853faf682a4b60e52bb0a8481d33741005
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27775
x-xss-protection
0
server
sffe
etag
"1455 / 1 of 1000 / last-modified: 1673996606"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 18 Jan 2023 05:39:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9C8E 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:38 GMT
container.html
08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E14C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:37 GMT
expires
Thu, 18 Jan 2024 05:39:37 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 06A2 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38b38a8ae55647809ed664e492da29d628e1e93c3d869cfd50b1430796c5c5ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
matomo.js
dw.hketgroup.com/analysis01/ 		82 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://dw.hketgroup.com/analysis01/matomo.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
16.163.89.66 -, , ASN (),
Reverse DNS
Software
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.33 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
gzip
last-modified
Fri, 16 Dec 2022 05:07:03 GMT
server
Apache/2.4.6 (Red Hat Enterprise Linux) PHP/7.4.33
etag
"190b5-5efeaf0be1b47-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
adview
securepubads.g.doubleclick.net/pagead/ Frame 3778 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CH-ieGobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEkQJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3H9zAaRQOeY--joTuxY-b1RW2z4c7up02T0MGuqoXo_AdX-RJI2HgBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTM4NzYzNzE3MDIzMTE4MRiatRM&sigh=RFbHNLUm3hg&uach_m=[UACH]&cid=CAQSOwDq26N974o112-g9uQ1aYunTA2ruGns02HXEzDymALbjufRDCZlg34NMfjBHatJf7e3-JUry9aJ0aY_GAEgEw
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 3778 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kf9am6yn5n820v9gbcgyyrkn0a2ama0h1yevzx1ymmxhj6za5t1eaxvqs2yy78ehgzmrrnqgbsmgwgzwzv4ya5c6vxkzayn1z3e8qjynwqnb989mnj7e5h94aghe87py72q8fwaw6kgwezet8kxr2h6dkcpcv182gmfy86b249pec4f268qnx8wpvkp57gtedma7krbwysp74k5xcnmeyvpaw0d33c1wy216nkrhn2k8c0b5w3hwdqh19gbs9k14cdq1g3fkfmfv5s8ac8s1w3fdzcvfhgnk1sgq3m7mbnf47g3bdy6v056w9yv3dpzq1mxbv0zx0hnh5zdv88rd2ksdwyfsjekeb0y2pfb2xzhzn62qnh4vza5p1hcrg9a6gykb8qc2tc7qq0&b=Y8eGGgAAfJ4H_Zl1AAmoBAo02-21X0XyTr2bsw
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Jan 2023 05:39:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 5206 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1h7rt67gtd2zemrg8tyf78ydgkjz1wpqbptr87s4jhrg336vxgp7sqeajjr9b642x93wjd75q9gr9bzj7kj81np32ad16rvv1e3k7ctz902vg7v1dqamz2hny3a96hvajt7ac119qyc5z0wb70vq3h9a9btgynxbefb5dszk6ad3dyb4tfqmvsey3ja9r3n80thqxpaq23qg1syeaajbbmsm8vzk48s3g956bhf8ec43k5sjnxks6fxpe10c90ztnenpf4zh9mpxwt6d3mp3haxjp97kxpqh99zy1sxjjfcs11y7g2hnswjp2v5ytwwnf3g921gw71vg1b3wpfb33rermkdf014b0q55f75ma4cfpej1p9h69ejp2mg4hcd0m3xsrg7f8tnbmhhdn6spypq926qj58gngn4v6kkzb259kspd9t6b0tsn8xfx1j8c7k5abtb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%26client%3Dca-pub-9387637170231181%26adurl%3D
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
594cc5532c6f20e29ef1ac3e1ff3da02324d3baa8ed286c254b3792c05f4847c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78b4fdc8681a9b1f-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:38 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 3778 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/window_focus_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
34092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 20:11:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C530 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59090
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 13:14:48 GMT
etag
48472445140208031
expires
Wed, 18 Jan 2023 13:14:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 3778 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
36067
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7536
x-xss-protection
0
server
cafe
etag
18409170587552385168
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 19:38:31 GMT
l
www.google.com/ads/measurement/ Frame 3778 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfPOSQX3pT0MpBHdL9FZ4qy4rTxM1gZKNum_AlAFrUjNn7oIshjDceIwp7q3fvT30nabsGuPMp3hVyu742YMpEeReV-A
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3778 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 08:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
422354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Jan 2024 08:20:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3778 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D700 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstn_9xvEHPtokdjZkJEEmIjsX2aUcZdnm9ELpjjApPdSFxpkw7D78CiruADXVTkjkd3GiQl4R9JkySAcyIS38Le4nWnonN-bI-MPhtKOUy8Co5Lskcj7WYuqSmpWeqcxqRwRVZBmv5DJ5mWiIr7pOLuWNMQvFhqFBluv8sIV6dwbCGFbZiym3i-Bnev5kxxZudvSAfYDW-Oh7gXusP7q_c-pMB3nG4LCFUcyTFuKtd-qe3AQ-XcY-6cKA2_G0o7Psy94aq4KA2_RWCr4MJpi3slW4dUmmXNO6QBt6stSSqMgokyzSmtIONwzyNVzpRIt-KIGkqaK_m12HTpubQEhj-l34HJ5KQtR1RC6tWJ1KttkbNTxJ_IMNXd5036IybTtCOjDSblVTBHgm08gfc7zB-KVH19kqgNGV0QoYFkslbUg4ojRT6gZbdVW5XX0OSYxNBfLyZnPGO_cn2Rcn0W_9PGyTu8iwrHHV_evReUbToa086qKJ3ZUiBIE0VyBMnTdFo4fdll1h1Vwt8eBUmbg6HijJqshF0Dl7KU89039r9m_5mIMdH_0e-yhaBT7P1sCz-7u8c8ALUnkaFJSb_mUB3MdxWEUd3TpxeoItrRF0j4ckG12BGq7abyvERxBetClmok9kDO3HY-Ibo6Uaz1Mt-_OQHIXgW5dfxb4a3L4iqnCZ5q9GF6pna0-l-o6M18OLJ4pBZvMuN-_RcBDpxf1YB8HGx8eCIR51gsQPjToc24UgMz3r90vCTj2iuZ2QQboy7fwoFu_g0IqztCX6X8ugw7zf2wA3GzXQpTmgDSSN1YexsproDb77YP7_ZazWftL8LlGAC0dPVicFcsfeNSg2U_XzSZW8gmN7UNra_dOXjJ-4iUSS4EjQFKbFt7vceM3W7vPNuWaD-rl0tcBXOWfDCvOULY45bJTo9Ct29bXUdKakN6Diswa0Mdh2zJFhXRfH2ctkPR7QaGHoUXEEXTe7GlyH0MLOXmbBjjC8NBOqrc0LlVo93PHQiATohJdqvHIOO2JdWccLE0qayn438AmOI32mUkTOz4Pm1MElalfNjQhhu01baBskIyWLnWiUwaM2ANhp-L3R-9W6PADxy9g4wHrTQq3EPwQ38Cqs_vriCctqswFW_ipjHYRducvSMoF5OxOsplTQw0Kf0y&sai=AMfl-YQ3miNAbwB6e5y5KtWgZkH4TBn7DkUlh3z_jusMdnZOIsNQGR840e6uGuBx14qNhoSO493gBkrMWUveTJRPU8cW59kDocNjWbeC3AJQRQ46RCnKfM_qna5sX8k0CYjtFSkKgL2QUcyFMeUeKnQyRj0DfPKPBEvKlkd2Nf1UypNfMUBLgW6ON3Rg0n-U9vrDi1vfOIZ4F_FogcclI4HjYBn97T_bS1d_tJS4_ACxG9qj2tvOZfbPrvhVS952KdmOoowWfDfMDL5Mo3zJG2yXxe6h0NNyh7sdcjqiKyGYUpWyyZL4JNC9JJ63_7RLe0yzrGiW35L4AoZWtF79RUO9wqm2JLXwqUohdkOiS6rl_09mx5Uybe2bTJ2vLLpFSIZ4e8hPcDc85l1_NHBBo8YkIw&sig=Cg0ArKJSzDeilKTYhyn2EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 18 Jan 2023 05:39:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame D700 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Origin
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 15:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 15:17:48 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230112/r20110914/elements/html/ Frame D700 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230112/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
32600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 20:36:18 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame D700 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 14:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 14:01:02 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame D700 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6705b8781ba706f654fe7632dfef69c200c124efe2427ca6145abacce52193c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
32839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14225
x-xss-protection
0
server
cafe
etag
2800653896865434201
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 20:32:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame D700 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/window_focus_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
34092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 20:11:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame D700 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
36067
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7536
x-xss-protection
0
server
cafe
etag
18409170587552385168
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 19:38:31 GMT
l
www.google.com/ads/measurement/ Frame D700 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzbdn80lY5iQIiS-pTwyZSwHxzx4WXkcIQj_619EuXUVgIGRV3vaidS4j-9W9Dk7FBxbIYEKU5tT361N3xjJrnpDhiQg
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D700 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/ Frame D700 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/abg_lite_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 14:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
53910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8889
x-xss-protection
0
server
cafe
etag
3049769697470197148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 14:41:08 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9BDB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CdCIQGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmAJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsi-lVMAfAkKLWSYmam9Fu5njP3C8CwB02H4rb6X3e-ADt1g3aRW64AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi05Mzg3NjM3MTcwMjMxMTgxGJq1Ew&sigh=DhgXroYEFMs&uach_m=[UACH]&cid=CAQSOwDq26N974o112-g9uQ1aYunTA2ruGns02HXEzDymALbjufRDCZlg34NMfjBHatJf7e3-JUry9aJ0aY_GAEgEw
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame 9BDB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1kgja4efq9yfmvvb6dftbqs3sr9st1dh45vx2m51qaf1vxtg3pg6cqb1tkb13e59y7t5zs5xmex4tkf0dt3r8qch6nc5qgt9a59vb5v9q3svsmtqz2ebps940c4yq65n704wj0vxd8sydtamkjd49j4yk1vs7frkv3w6et5czt54btp8b48vnx9n020m3c0qmb51deb31yyrzzxmmxhc9gx86m95xb7msps9wm36y59hnnj2j8trjbzks9he4nh4bb5h6cp6rde5ctby0ht0pnpv2xbnmc7q61d46s6a9vnbct3snw4rjt6q5atz4mbv1fkcp50gp85tg27xmf5vg5sw6qes5x408hrx78b9h8vjje1nmnj0mw9btdpyjhk9h28t4mac4nm6am8&b=Y8eGGgAAfBcH_Zl1AAmoBK0f5ND2d--qVznV3g
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 18 Jan 2023 05:39:38 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame CF04 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1kdmf9xm4q5kdzsr8nkg3z0vhwfdv4mdh88j6gp4hws9mq4xzp65v1fxkyy56rdqrh7a8yff77jcpk2n3g3yzx3ftmvdpm0dgpj0fzyf9sp2jpqnhcb4rmyc042p53dghsdqwat37332bra6y300rmv11jgprv49341qk53545jr0eddnkmxrxng0ztcnhsw7vcj9reyhdkfd42bnmsprq146h7xpn5ndbv1fzrqdd9nk0yay7pn2ya5ahwbppynhp8s0jzyccs76j11a33p19btnf6q3s4a2k2bwgeb9kxcjmsxym3bt81yeak2dmtqp54yfg6n5hdcc1tc0ffaf552587sea504x62y4pqt33wvkqpawn5ch50zf0ehae8158qgc86ggscfp0v1qkwr5925szacyyf4qrghxzt75wp2m75ksyppagberetfz46zb3q8nfn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%26client%3Dca-pub-9387637170231181%26adurl%3D
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e6cabf96617a453bcc3a1cc85522e76aface53316ca208d0fdd54fd3240581
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78b4fdc8681c9b1f-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:38 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 9BDB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/window_focus_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
34092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 20:11:26 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1269 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59090
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 13:14:48 GMT
etag
48472445140208031
expires
Wed, 18 Jan 2023 13:14:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame 9BDB 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
36067
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7536
x-xss-protection
0
server
cafe
etag
18409170587552385168
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 19:38:31 GMT
l
www.google.com/ads/measurement/ Frame 9BDB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTLQMEAQeSvRUxC1QZ06IyU55RvbqgzizE3inBDW-GgYfVSQViheHx_ZBqdbGVIu8YZvg3GKWTTCUdO86DP4I-XGel3g
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 9BDB 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Fri, 13 Jan 2023 08:20:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
422354
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 13 Jan 2024 08:20:24 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9BDB 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:38 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame E14C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssJ8SLhvUt9SoEq4nnXn8iDU-MK-EBdSW5q6ItCk1_OaTPjrMggfVLVmAVTYs9oyelwm_gt3yTMGvuQK44DpWQAD9zL9c4jDut31w3pzqvo4avS6iq_HyMZrQX48JH62a-qATl30xRpKhlXPbOH4d5lfElTQYcBhhwDYcnRD9lclDli9emXEHS-UNBzHk_FB1FVyFo3hIFfXZBOM73sg3LYCzZrP_9m068DlCtRbfJTXeeoDkrvojn72OB48a0dfq0w0lUQXt8-D9CuVag1-lOnCIwfzmwu0P5gWj6naAIYBUQYfCP0BlvLD67Lox_hBI2uaR1yRnTsOzPKka5acon68NdQQi-6wV0CWs5dBcY-2pMkB08OfRkWLwVXpguuQRINEeSKSYmHcE_9poldzanVOC-9-E0EEEgaOQmDtiftJJGrxJfKhCe83NgAFNgr5Ajz2QutMlbzGjtlo4SzSq0H_Z9KtmqTcNZvYkJwVynVnfYPhMLjP423m2S8MpShtugSzqTccS_kfSk4Uv2TYLxKFUV6kL7Nd7-TT27m_8N0sAp0FYwc0KRHCZKvEYcHZT4oSa5_RTMbAjVG90xaM49hsU76e2-YbudkZGNldCNYFkqSU7zLvTJvLoEcnqVt6gz3ml6SXgsZIrjqEEF0OWKTLocR7EJS4VcL2cszw4n27uAG25EH-ZAC8pYy1xdNc8ADBXuXkU9UwssAKTaqcQu6OfWNE_T6jY62kbM35XJB4r0ffjeTXwLxnyTLzTx_ChsOndC6GcCWJkoPBy2xcfuJAWIPkUK5QizGjQ2EOpSY5X1sJX-T84I9GBFZ6h5kkHUFgowdqwbEzaqx3oUE5WdJtqqG_8NrZHvPkD__4oGyqohyVV47CDbAVS-O4A2zNUEHJlzypvFeSFmKIJPqJMbvAk9D3vRu702HRYNFtPDWwhPmDtGuOf9Oe8_TEGMKw2qJY8tnGO9ctqph22R5nYrYfUidgT-yONxBo_8ypEZ6I5vGOvIFVTmpqKSOqOLbkx7rQ20hoESjuCIoXpmX7F89G0O_Pq5ZlMFWBMTiaLht_r7kO_l6upMargXSNhYm8N3rLJZIlQ14xm8HVWkFBkpKedI9mE1dqIxJqkVu6aGyeuTBLFE-sfPc1IfwK6ca28HihfiFWXCJMQ&sai=AMfl-YTWtD0WYq1h48q8pbfeLuOFxQ1W7vcKMDrL5ddrUwdgBjM7oU5mSz2wrUHuT6gnea6KUM6ump2EF9jMA0p0_FBqcA50c7BtrN3COtuxYbOTBtn6zS0yIehgqNUtRB08XXDCJQV-zDBws6rCNtO1zb9PFYunfulkSkd5jUUbM7mqhWm5ZqYUc8leYJz7IHlwvU0CsLRDEn64rsiIAfzsm98afDKvFeueS1dXpCa2FUeO9KMLzrsqRLBivgHjIy4oZWixkpNfso4E72MzabdUjqD4iQSJywDivhyTnI3EKA5Wlrx_rmNIGBq7fmqEukQnB6s17Xkos7J7u_HyFjxMEXPXLmcJMGFkOqoYtLNn7MP-MTsxwguKKdfE401AFjZnELhBZPfnsGSxP_jhOU_XVA&sig=Cg0ArKJSzOPmz_95sYdVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 18 Jan 2023 05:39:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame E14C 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Origin
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 15:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 15:17:48 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20230112/r20110914/elements/html/ Frame E14C 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230112/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:36:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
32600
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2477
x-xss-protection
0
server
cafe
etag
8436122973860808490
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 20:36:18 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame E14C 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 14:01:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574716
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jan 2024 14:01:02 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame E14C 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6705b8781ba706f654fe7632dfef69c200c124efe2427ca6145abacce52193c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:32:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
32839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14225
x-xss-protection
0
server
cafe
etag
2800653896865434201
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 20:32:19 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame E14C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/window_focus_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 20:11:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
34092
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 20:11:26 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/ Frame E14C 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 19:38:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
36067
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7536
x-xss-protection
0
server
cafe
etag
18409170587552385168
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 19:38:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E14C 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:38 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230112/r20110914/ Frame E14C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230112/r20110914/abg_lite_fy2021.js
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 14:41:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
53910
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8889
x-xss-protection
0
server
cafe
etag
3049769697470197148
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 31 Jan 2023 14:41:08 GMT
spt
tg1.selectmedia.asia/api/adserver/ Frame C6DB 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=60e7ec078903a3059a28136d&AV_PUBLISHERID=5f69ee2786f50a6e302c104c
Requested by
Host: sm1.selectmedia.asia
URL: https://sm1.selectmedia.asia/cdn/tags/tag_fe55081e-be50-473d-8f11-22935e7a7a9a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f0d -, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a6043c48761c2330b12351dee5f354ff1832c1b26fb4b0eb1bca43a902ecbe9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 05:39:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With,avsptstaging
Content-Length
6089
Expires
Wed, 18 Jan 2023 05:44:39 GMT
/
track-selectmedia.com/trackv4/ Frame C6DB 		0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?&d5=inews.hket.com&d3=fbdd116e-f6bb-47c8-9d7f-1a5506de0575&d25=13040bed-d283-4fd9-abec-62d240273393&d23=tag_fe55081e-be50-473d-8f11-22935e7a7a9a&d24=08bcd46e-a5fb-4562-982c-b9911bf6b3fb&d2=1674020378&e=40&cb=1674020378959
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.6 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pubads_impl_2023011001.js
securepubads.g.doubleclick.net/gpt/ Frame DFCF 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 00:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132153
x-xss-protection
0
last-modified
Tue, 10 Jan 2023 09:35:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Jan 2024 00:31:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame DFCF 		470 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8d502e3699dfe24ccbc688aebc53f2971090ee299fc78dacc043cb167d22902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:38 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
169
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:38 GMT
truncated
/ Frame C6DB 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05dd0e0b8b94d061f9fba3d42c6fc2078e5dbb5d0e70e6aae2bf0d2c2b8280ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9C8E 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb3377bdad82644bb7121f668d56bf53c81e31c7b495e65d0e594495fe7df3ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame DFCF 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0e1095db72bc8fceef234016ad7dd4afd2f479579f2fbbcc00925f2c1099a86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 06A2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSXjXManbaLtPKst9PgFFCdhiHYIVaYPsan82EmgSr-_yLGRIfrkrxlKthdjObl7ENyDG1htw9LeedUj7gB785lYAHhYtDXqh84z8dQtrlDme9rHGehWiGclU-tqH0ZjmTIzwYZOEE5wB_a7F4WBuFZKt1Pou0HnmSGeIakFqQFXdoSbwQcFos2Hu9EJ9WkwwIQnBOwP5SCFTBnz1WX3W7d_ldGPdqz0HeovGvOt_P_kVtzbHaLlM17pHSR6Njw9eVc7N3h8uzStUn9lxi5N8by5W258KrQR0d8ui_MsDSwHjqdCZ8r6gf5BTiOZDGD7NEqApq1MsoIu23974xMGdJkg6LNYlEtpA&sai=AMfl-YRw3HZf942IBPnNgvKXdQ1esqX0yWNrt7iiChF16tI4K96loAnBkrp5yfiMViEkpDKYgv6cuZuSRbICFphl_FfHewlRbVB6pB7B0qCmmsecf6kmfsqByQa3r3V_uDDb&sig=Cg0ArKJSzB4POa0b4_nREAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:39 GMT
pubads_impl_2023011001.js
securepubads.g.doubleclick.net/gpt/ Frame 9C8E 		382 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 00:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132153
x-xss-protection
0
last-modified
Tue, 10 Jan 2023 09:35:18 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 18 Jan 2024 00:31:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 9C8E 		470 B
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a8d502e3699dfe24ccbc688aebc53f2971090ee299fc78dacc043cb167d22902
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
169
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:39 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame CF04 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kdmf9xm4q5kdzsr8nkg3z0vhwfdv4mdh88j6gp4hws9mq4xzp65v1fxkyy56rdqrh7a8yff77jcpk2n3g3yzx3ftmvdpm0dgpj0fzyf9sp2jpqnhcb4rmyc042p53dghsdqwat37332bra6y300rmv11jgprv49341qk53545jr0eddnkmxrxng0ztcnhsw7vcj9reyhdkfd42bnmsprq146h7xpn5ndbv1fzrqdd9nk0yay7pn2ya5ahwbppynhp8s0jzyccs76j11a33p19btnf6q3s4a2k2bwgeb9kxcjmsxym3bt81yeak2dmtqp54yfg6n5hdcc1tc0ffaf552587sea504x62y4pqt33wvkqpawn5ch50zf0ehae8158qgc86ggscfp0v1qkwr5925szacyyf4qrghxzt75wp2m75ksyppagberetfz46zb3q8nfn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%26client%3Dca-pub-9387637170231181%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1kdmf9xm4q5kdzsr8nkg3z0vhwfdv4mdh88j6gp4hws9mq4xzp65v1fxkyy56rdqrh7a8yff77jcpk2n3g3yzx3ftmvdpm0dgpj0fzyf9sp2jpqnhcb4rmyc042p53dghsdqwat37332bra6y300rmv11jgprv49341qk53545jr0eddnkmxrxng0ztcnhsw7vcj9reyhdkfd42bnmsprq146h7xpn5ndbv1fzrqdd9nk0yay7pn2ya5ahwbppynhp8s0jzyccs76j11a33p19btnf6q3s4a2k2bwgeb9kxcjmsxym3bt81yeak2dmtqp54yfg6n5hdcc1tc0ffaf552587sea504x62y4pqt33wvkqpawn5ch50zf0ehae8158qgc86ggscfp0v1qkwr5925szacyyf4qrghxzt75wp2m75ksyppagberetfz46zb3q8nfn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%26client%3Dca-pub-9387637170231181%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
665543
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mkTz70tJ2HHc5WqJINjNpvC5lFCFX%2Fr3os7o5BxQpPYqqNIuII4FcnqoTCZEfjtf6hU0cHipe1bS8LtITVOQ%2B%2FfupcodcDv7pXFLPXfo%2BY518aWMl78lcw4AgoEYyhKdH%2FhFuLJEgr8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78b4fdc958e59b1f-FRA
expires
Wed, 18 Jan 2023 06:39:39 GMT
r62eglto.js
ad4m.at/ Frame CF04 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1kdmf9xm4q5kdzsr8nkg3z0vhwfdv4mdh88j6gp4hws9mq4xzp65v1fxkyy56rdqrh7a8yff77jcpk2n3g3yzx3ftmvdpm0dgpj0fzyf9sp2jpqnhcb4rmyc042p53dghsdqwat37332bra6y300rmv11jgprv49341qk53545jr0eddnkmxrxng0ztcnhsw7vcj9reyhdkfd42bnmsprq146h7xpn5ndbv1fzrqdd9nk0yay7pn2ya5ahwbppynhp8s0jzyccs76j11a33p19btnf6q3s4a2k2bwgeb9kxcjmsxym3bt81yeak2dmtqp54yfg6n5hdcc1tc0ffaf552587sea504x62y4pqt33wvkqpawn5ch50zf0ehae8158qgc86ggscfp0v1qkwr5925szacyyf4qrghxzt75wp2m75ksyppagberetfz46zb3q8nfn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%26client%3Dca-pub-9387637170231181%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
52519
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mw22Xbri0GZuU3nKh83NH04DTU3V3ZMMky8iFdSSELaoDjEKAZq0cdwQC5Z2vDqEDbV9OgZUnTib48JpAxQArmMZbxhcVGvT4%2BlPYOiiF96suMWQzguXW%2BrEv3DE4Lr5Z2PPyOg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78b4fdc968fe9b1f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 17 Jan 2023 15:04:20 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame 5206 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h7rt67gtd2zemrg8tyf78ydgkjz1wpqbptr87s4jhrg336vxgp7sqeajjr9b642x93wjd75q9gr9bzj7kj81np32ad16rvv1e3k7ctz902vg7v1dqamz2hny3a96hvajt7ac119qyc5z0wb70vq3h9a9btgynxbefb5dszk6ad3dyb4tfqmvsey3ja9r3n80thqxpaq23qg1syeaajbbmsm8vzk48s3g956bhf8ec43k5sjnxks6fxpe10c90ztnenpf4zh9mpxwt6d3mp3haxjp97kxpqh99zy1sxjjfcs11y7g2hnswjp2v5ytwwnf3g921gw71vg1b3wpfb33rermkdf014b0q55f75ma4cfpej1p9h69ejp2mg4hcd0m3xsrg7f8tnbmhhdn6spypq926qj58gngn4v6kkzb259kspd9t6b0tsn8xfx1j8c7k5abtb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%26client%3Dca-pub-9387637170231181%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1h7rt67gtd2zemrg8tyf78ydgkjz1wpqbptr87s4jhrg336vxgp7sqeajjr9b642x93wjd75q9gr9bzj7kj81np32ad16rvv1e3k7ctz902vg7v1dqamz2hny3a96hvajt7ac119qyc5z0wb70vq3h9a9btgynxbefb5dszk6ad3dyb4tfqmvsey3ja9r3n80thqxpaq23qg1syeaajbbmsm8vzk48s3g956bhf8ec43k5sjnxks6fxpe10c90ztnenpf4zh9mpxwt6d3mp3haxjp97kxpqh99zy1sxjjfcs11y7g2hnswjp2v5ytwwnf3g921gw71vg1b3wpfb33rermkdf014b0q55f75ma4cfpej1p9h69ejp2mg4hcd0m3xsrg7f8tnbmhhdn6spypq926qj58gngn4v6kkzb259kspd9t6b0tsn8xfx1j8c7k5abtb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%26client%3Dca-pub-9387637170231181%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
665543
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8CRr2uJju8X49nyoNef4Rf%2Bt5yjpnfDO5iiDGFlyRhVi5ZnIn3APjRMdYPXXFuTy6BmBTnOBc4TCnfXI8LIiubsBbwLGiibouHV6RcHAOv6E%2FXiOAi0TZUdLGh7kGA0zoXB9LZPapJk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78b4fdc968ed9b1f-FRA
expires
Wed, 18 Jan 2023 06:39:39 GMT
r62eglto.js
ad4m.at/ Frame 5206 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1h7rt67gtd2zemrg8tyf78ydgkjz1wpqbptr87s4jhrg336vxgp7sqeajjr9b642x93wjd75q9gr9bzj7kj81np32ad16rvv1e3k7ctz902vg7v1dqamz2hny3a96hvajt7ac119qyc5z0wb70vq3h9a9btgynxbefb5dszk6ad3dyb4tfqmvsey3ja9r3n80thqxpaq23qg1syeaajbbmsm8vzk48s3g956bhf8ec43k5sjnxks6fxpe10c90ztnenpf4zh9mpxwt6d3mp3haxjp97kxpqh99zy1sxjjfcs11y7g2hnswjp2v5ytwwnf3g921gw71vg1b3wpfb33rermkdf014b0q55f75ma4cfpej1p9h69ejp2mg4hcd0m3xsrg7f8tnbmhhdn6spypq926qj58gngn4v6kkzb259kspd9t6b0tsn8xfx1j8c7k5abtb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%26client%3Dca-pub-9387637170231181%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Jan 2023 15:04:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
52519
etag
W/"70eeb1f8c81f2c3fac3062f4a8c34636"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJSrRVh2Alpq5XajeyYeydetzZf9Z0Sqom7TJdivQaxRGeYQc%2FgDXURg%2FOm4iR2iEdcxaUkXorlt7DczG4X7Fo77X8HA6116vi3PcRo6i18hv2WJpm1SVoB9B0%2BxDd%2BU2dq233w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
78b4fdc969029b1f-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 17 Jan 2023 15:04:20 GMT
pixel
cm.g.doubleclick.net/ Frame C530
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEBaDi8iou7ICm9s1STVNXTA&google_cver=1&google_push=AavPq0Mw5pN9wMT7_dhVt4xOATrpHtRV95nTu9GurjdR37BHIlgviiZPIIsMKkysFq0pG1DOeAAYRQdi_f-eYr3tTq8UHh1JS0dxkQ
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D0C0910075CA4319842E86169EAD484E&google_push=AavPq0Mw5pN9wMT7_dhVt4xOATrpHtRV95nTu9GurjdR37BHIlgviiZPIIsMKkysFq0pG1DOeAAYRQdi_f-eYr3...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D0C0910075CA4319842E86169EAD484E&google_push=AavPq0Mw5pN9wMT7_dhVt4xOATrpHtRV95nTu9GurjdR37BHIlgviiZPIIsMKkysFq0pG1DOeAAYRQdi_f-eYr3tTq8UHh1JS0dxkQ
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 18 Jan 2023 05:39:39 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=D0C0910075CA4319842E86169EAD484E&google_push=AavPq0Mw5pN9wMT7_dhVt4xOATrpHtRV95nTu9GurjdR37BHIlgviiZPIIsMKkysFq0pG1DOeAAYRQdi_f-eYr3tTq8UHh1JS0dxkQ
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Tue, 17 Jan 2023 05:39:39 GMT
google
match.adsrvr.org/track/cmf/ Frame C530 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI8DK5aFc42HaJCEilDrETg&google_cver=1&google_push=AavPq0N2QXxh2mauObescRiqclGdR-TcrL2X31OPyzMuG7oo6Ic2tdTNgiEDkLIMf_P9xTk5ruzJr98sKQ2Dxx5Ja7w1jhoLJkQaLQ
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixelSync
pixel-sync.sitescout.com/dmp/ Frame C530 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEFoJ5xnMnCKCdTezvOzVUaA&google_cver=1&google_push=AavPq0O990-20IX8Gd4g2NltsqNpdMGiPJdsnilktfMkbVExltfxRp7ekHjIK0SJhGiBgYK2om4UKis2MDcduASMmdfyjNhFfVS7oQ
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.243 -, , ASN (),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame C530
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEFVG1LeczqZtAulNkh2uIH8&google_cver=1&google_push=AavPq0Mx1VlklcfRehu9UWM7xyGJ240Vg3HWhctH4E4teb_rsBjm_pv7K7t82xbRgjIqOH4Gaa7WurbUKItoYiZe...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0nZ3tNAnQ3yuFsUIuk0cBQ2&google_push=AavPq0Mx1VlklcfRehu9UWM7xyGJ240Vg3HWhctH4E4teb_rsBjm_pv7K7t82xbRgjIqOH4Gaa7WurbUKItoYiZeY5NsFBSMD0Xd
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0nZ3tNAnQ3yuFsUIuk0cBQ2&google_push=AavPq0Mx1VlklcfRehu9UWM7xyGJ240Vg3HWhctH4E4teb_rsBjm_pv7K7t82xbRgjIqOH4Gaa7WurbUKItoYiZeY5NsFBSMD0Xd
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 18 Jan 2023 05:39:39 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=0nZ3tNAnQ3yuFsUIuk0cBQ2&google_push=AavPq0Mx1VlklcfRehu9UWM7xyGJ240Vg3HWhctH4E4teb_rsBjm_pv7K7t82xbRgjIqOH4Gaa7WurbUKItoYiZeY5NsFBSMD0Xd
x-host
tde-deliveryengine-production-fb497649f-8fkv7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame C530
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEKnrvDKUzGZS-PG6sUOie7M&google_cver=1&google_push=AavPq0PADZfQiLCrmjDNR17mWusSa3c5zszIVqkhNfdNHj42fHjEC3H05O1elOf-miXgKSXgwXS7axHgzDEHgIhP-SPfM6...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEKnrvDKUzGZS-PG6sUOie7M&google_cver=1&google_push=AavPq0PADZfQiLCrmjDNR17mWusSa3c5zszIVqkhNfdNHj42fHjEC3H05O1elOf-miXgKSXgwXS7axHgzDEHgIhP...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vLdPJsSORyCLFiqMgRsIJA&google_push=AavPq0PADZfQiLCrmjDNR17mWusSa3c5zszIVqkhNfdNHj42fHjEC3H05O1elOf-miXgKSXgwXS7axHgzDEHgIh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vLdPJsSORyCLFiqMgRsIJA&google_push=AavPq0PADZfQiLCrmjDNR17mWusSa3c5zszIVqkhNfdNHj42fHjEC3H05O1elOf-miXgKSXgwXS7axHgzDEHgIhP-SPfM6g0stxebA
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=vLdPJsSORyCLFiqMgRsIJA&google_push=AavPq0PADZfQiLCrmjDNR17mWusSa3c5zszIVqkhNfdNHj42fHjEC3H05O1elOf-miXgKSXgwXS7axHgzDEHgIhP-SPfM6g0stxebA
access-control-allow-origin
*
date
Wed, 18 Jan 2023 05:39:39 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame C530
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBIl2GRsXlPlf7Cc6ANJlbo&google_cver=1&google_push=AavPq0Mm-tZa0Ez1T8zvfsYWpZalOQ9Wf5pFnNrUMrEhfXaQFU6iElzELaOw4b_d8PMCniDpCZcssyNqdXJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AavPq0Mm-tZa0Ez1T8zvfsYWpZalOQ9Wf5pFnNrUMrEhfXaQFU6iElzELaOw4b_d8PMCniDpCZcssyNqdXJQ1eoL_muKfNOkPijqPcM
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
51.89.9.254 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
report
sync.teads.tv/um/ Frame C530
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHvCyjwk2ho6oo5dQH3T4qs&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0NAt1XnGYyn_9H1kXLXqAMlNZzWh9HGoMoiQ8XYc4kZzNijDDwGmUqVNVM34mvN7rRQDQpeka6vkySB1toyRl60n-iy_W0o-54
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.203.125.36 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Wed, 18 Jan 2023 05:39:40 GMT
pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C530 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ImLAyiRuF9uW6zXmLvKUBNb3U0qeJF95qC5af69NEW438Ze-Wdl62dDRxnGXvUnw6dbG-4NuU
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dvtp_src.js
cdn.doubleverify.com/ Frame D700 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=28887302&sid=443002&plc=353276808&num=&adid=&advid=8650961&adsrv=1&btreg=544407136&btadsrv=doubleclick&crt=182017995&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a8a -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
593acdfeb9ef6a7c6f80c1918c52734d3b62e7c2319d54bb0f4ae8199f8fbea4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 05:39:39 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Jan 2023 12:42:30 GMT
Server
Microsoft-IIS/10.0
ETag
"07fabd4de28d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3337
index.html
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/ Frame 8F23 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f33b0376b952ae01acc10dc1d4bcebbe09d0b238e99f7e6d54aa8b04e441e90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
588766
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1756
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 11 Jan 2023 10:06:53 GMT
expires
Thu, 11 Jan 2024 10:06:53 GMT
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=353276808;a.a=544407136;cache=3302127397;
ad.atdmt.com/i/ Frame D700 		0
0
dpixel
cms.quantserve.com/ Frame 1269 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELaGFrIZPW0PjS2POVMGjNM&google_cver=1&google_push=AavPq0PPNPMWqrIyqn8IhucbWpe7Lsv0oVsl-p5sicHWS64ZzboJ6ReeMmpsOcLrAlxiH4Io7_IpX7ipfC51y_hRbddqzdDXMcrK
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 1269 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESENVXOhYhERWKp93VjaxyDV4&google_cver=1&google_push=AavPq0Mi0qqRrAttdXBLP2S3wjEGMKkuW6vD00e19JaV_ob-srWhoASb965aK6qgKNFU1ALX4MgDZ0oSICSj1yLNJcPpvunblnBy-g
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pixel
cm.g.doubleclick.net/ Frame 1269
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_push=AavPq0NzFmgwDYVXvy0PdLw6BwprCLBSTf3fcBvZFWJK4TEDNLCJXXf2Iu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_push=AavPq0NzFmgwDYVXvy0PdLw6BwprCLBSTf3fcBvZFWJK4TEDNLCJXXf2Iut2s9n60fFOzDVBi3ddYnLS2Q3qLv7HQASsZvrePRILYQ
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220053-HHN
pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1674020380.701405,VS0,VE93
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_push=AavPq0NzFmgwDYVXvy0PdLw6BwprCLBSTf3fcBvZFWJK4TEDNLCJXXf2Iut2s9n60fFOzDVBi3ddYnLS2Q3qLv7HQASsZvrePRILYQ
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
google
match.adsrvr.org/track/cmf/ Frame 1269 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI8DK5aFc42HaJCEilDrETg&google_cver=1&google_push=AavPq0OnpQhKiOxgnVc6zAMh0C1Rq5-5yaZCQg7wrJk6TUeaMJlDc78I_PjZhXUj1oIJJ0RftfDpdvVfpF-oP6m3Fcl2OZ3aMdRy_Q
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 1269
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPd0aSkFJubDxMQgX8iZkaE&google_cver=1&google_push=AavPq0N3uQU4wdPzrI9ArOCo2Zhr_AtUDe_2e8yAt2cIly-NHQ_ErvlsOAt6F6GBxPf66tLZa0-Z-mGvJIusbiZxR07EOSm...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N3uQU4wdPzrI9ArOCo2Zhr_AtUDe_2e8yAt2cIly-NHQ_ErvlsOAt6F6GBxPf66tLZa0-Z-mGvJIusbiZxR07EOSm2Cs7ukA&google_hm=eS1kNEFTRVUxRTJwR3Jl...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N3uQU4wdPzrI9ArOCo2Zhr_AtUDe_2e8yAt2cIly-NHQ_ErvlsOAt6F6GBxPf66tLZa0-Z-mGvJIusbiZxR07EOSm2Cs7ukA&google_hm=eS1kNEFTRVUxRTJwR3JlQnRVTEwyUEV2ZlBOT1k2UUJsdH5B
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 18 Jan 2023 05:39:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AavPq0N3uQU4wdPzrI9ArOCo2Zhr_AtUDe_2e8yAt2cIly-NHQ_ErvlsOAt6F6GBxPf66tLZa0-Z-mGvJIusbiZxR07EOSm2Cs7ukA&google_hm=eS1kNEFTRVUxRTJwR3JlQnRVTEwyUEV2ZlBOT1k2UUJsdH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1269
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEL4qwffallbg4APGkkA7Eos&google_cver=1&google_push=AavPq0NIbRByWkWtkxUYcQhDmqD85paK-lNM604J2v_ey47VAKTkVxPSV0buthV9knv_g9KpEV8poJ-IKF4IPzK6hRq55V9...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEL4qwffallbg4APGkkA7Eos&google_cver=1&google_push=AavPq0NIbRByWkWtkxUYcQhDmqD85paK-lNM604J2v_ey47VAKTkVxPSV0buthV9knv_g9KpEV8poJ-IKF4IPzK6hRq55...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0NIbRByWkWtkxUYcQhDmqD85paK-lNM604J2v_ey47VAKTkVxPSV0buthV9knv_g9KpEV8poJ-IKF4IPzK6hRq55V9R0NLEBg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0NIbRByWkWtkxUYcQhDmqD85paK-lNM604J2v_ey47VAKTkVxPSV0buthV9knv_g9KpEV8poJ-IKF4IPzK6hRq55V9R0NLEBg
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0NIbRByWkWtkxUYcQhDmqD85paK-lNM604J2v_ey47VAKTkVxPSV0buthV9knv_g9KpEV8poJ-IKF4IPzK6hRq55V9R0NLEBg
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 1269
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFOT8u3QB0yKbiH9qhOuxho&google_cver=1&google_push=AavPq0OAnKMppir_E89ythSmLJn9MwJZHM3NUBr5SI-q3ApIs3bUOmSojJc4X6fOHBhEP3n0bbzvyfORM88pdP7Vc...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFOT8u3QB0yKbiH9qhOuxho&google_cver=1&google_push=AavPq0OAnKMppir_E89ythSmLJn9MwJZHM3NUBr5SI-q3ApIs3bUOmSojJc4X6fOHBhEP3n0bbzvyfORM88pdP7Vc...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OAnKMppir_E89ythSmLJn9MwJZHM3NUBr5SI-q3ApIs3bUOmSojJc4X6fOHBhEP3n0bbzvyfORM88pdP7VcEAAp7zPckgTaQ&google_hm=GAVzvGZHiAds3QEsQse5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OAnKMppir_E89ythSmLJn9MwJZHM3NUBr5SI-q3ApIs3bUOmSojJc4X6fOHBhEP3n0bbzvyfORM88pdP7VcEAAp7zPckgTaQ&google_hm=GAVzvGZHiAds3QEsQse5Kv6H
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 18 Jan 2023 05:39:39 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OAnKMppir_E89ythSmLJn9MwJZHM3NUBr5SI-q3ApIs3bUOmSojJc4X6fOHBhEP3n0bbzvyfORM88pdP7VcEAAp7zPckgTaQ&google_hm=GAVzvGZHiAds3QEsQse5Kv6H
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
attr
cm.g.doubleclick.net/pixel/ Frame 1269 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JwGSQOrAFfSkaXCley4RvvNEkzuacDxqLDxq_anzTXQGmQpkuHdxNfODxEj9wKosIyw_qp
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dvtp_src.js
cdn.doubleverify.com/ Frame E14C 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=28887302&sid=443002&plc=352921673&num=&adid=&advid=8650961&adsrv=1&btreg=544401832&btadsrv=doubleclick&crt=181655972&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a8a -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
593acdfeb9ef6a7c6f80c1918c52734d3b62e7c2319d54bb0f4ae8199f8fbea4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 05:39:39 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Jan 2023 12:42:30 GMT
Server
Microsoft-IIS/10.0
ETag
"07fabd4de28d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3337
index.html
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/ Frame 5BA2 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
839f3e8fe56ca86d68e5a380a5d7609ec160e17d7e6796d2c98d0066931b163e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
243224
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1747
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 15 Jan 2023 10:05:55 GMT
expires
Mon, 15 Jan 2024 10:05:55 GMT
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921673;a.a=544401832;cache=3686821635;
ad.atdmt.com/i/ Frame E14C 		0
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EE58 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
94069
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 03:31:50 GMT
expires
Wed, 17 Jan 2024 03:31:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame DFCF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DFCF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame DFCF 		333 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3636088169947857&correlator=1213592154210901&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fif&iu_parts=21927187246%2C552851_hket_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2430662450&sfv=1-0-40&sc=1&cookie=ID%3D3e60d30139bf569d%3AT%3D1674020377%3AS%3DALNI_Mbp2zYSQ5IdlTAKieBSTQb7F8Of7A&gpic=UID%3D00000ba4a3d57d02%3AT%3D1674020377%3ART%3D1674020377%3AS%3DALNI_Ma7GyIoHEMBuOx2sQizeZxrOzLgNg&abxe=1&dt=1674020379711&lmt=1674020379&dlt=1674020378819&idt=378&adxs=800&adys=74&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=0&ucis=ozlbb355kl5r&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&ref=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&top=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&frm=23&vis=1&psz=0x0&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=383476091.1674020377&ga_sid=1674020380&ga_hid=1710077542&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46ba64e62c70a82fa989df35b3d2419e6017a40248d3680b86ddc352b154cae5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35699
x-xss-protection
0
google-lineitem-id
5936626023
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138383115252
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://inews.hket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
851367f547691d98e6d8be48752e6c5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 740C 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://851367f547691d98e6d8be48752e6c5a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:39 GMT
expires
Thu, 18 Jan 2024 05:39:39 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame AE81 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59091
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 13:14:48 GMT
etag
48472445140208031
expires
Wed, 18 Jan 2023 13:14:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame D700 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3a7ec7dd95f82b5a09b67f1a438e5e5f5c6b048bbb9a707da06792d1488fc82

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9BDB 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b5a7c319902844a075d808b576761551eeb01120b6e2495505b757bf25133c2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9D3A 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59091
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 13:14:48 GMT
etag
48472445140208031
expires
Wed, 18 Jan 2023 13:14:48 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame E14C 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b401ed697c8d5b9e2e6b8dd3791b93c28fd88c85904ff567418193755ae989f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E9C1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
94069
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 03:31:50 GMT
expires
Wed, 17 Jan 2024 03:31:50 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
style.css
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/styles/ Frame 8F23 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
682b54b5c9a38b017d9063f27038dbcabea5b3e2cd1e52c852514757d7e335f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 10:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1844
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 10:06:53 GMT
brand.css
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/ Frame 8F23 		0
0
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8F23 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 05:39:39 GMT
easepack_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 8F23 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 05:39:39 GMT
initialLoader.min.js
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/ Frame 8F23 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/initialLoader.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 00:16:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19401
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1989
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 00:16:18 GMT
fontfaceobserver.standalone.js
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/ Frame 8F23 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/fontfaceobserver.standalone.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 10:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1674
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 10:06:53 GMT
custom.js
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/ Frame 8F23 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/custom.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec4da734410948861d16c114b2b6cf5ad702c04ef2c0f5c51edf3cfc6d1461db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 01:25:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15259
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1204
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 01:25:20 GMT
logic.js
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/ Frame 8F23 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4971e9fc754d2504d1ea41e28651652135710c47d6a5a9388699c56ac15e0691
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 10:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2263
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 10:06:53 GMT
messaging.js
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/ Frame 8F23 		3 KB
970 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/messaging.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 10:06:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
588766
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
941
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 10:06:53 GMT
style.css
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/styles/ Frame 5BA2 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509018bc2582b008cd57929864258266d08d82352ddcefe0d67b48d13d1aa1fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 10:05:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243223
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1653
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 10:05:56 GMT
brand.css
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/ Frame 5BA2 		0
0
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5BA2 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 05:39:39 GMT
easepack_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5BA2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1356
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:22:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 18 Jan 2023 05:39:39 GMT
initialLoader.min.js
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/ Frame 5BA2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/initialLoader.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 10:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156910
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1989
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Jan 2024 10:04:29 GMT
fontfaceobserver.standalone.js
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/ Frame 5BA2 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/fontfaceobserver.standalone.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 05:38:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
86443
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1674
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 05:38:56 GMT
custom.js
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/ Frame 5BA2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/custom.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec4da734410948861d16c114b2b6cf5ad702c04ef2c0f5c51edf3cfc6d1461db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 10:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
156910
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1204
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Jan 2024 10:04:29 GMT
logic.js
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/ Frame 5BA2 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/logic.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ca03fa3c72e338653e246e887f62ae3f989595684fad728f1c84647f10255fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 00:10:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19735
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2305
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 00:10:44 GMT
messaging.js
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/ Frame 5BA2 		3 KB
1009 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/messaging.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f5fbe5d6977e2d9badb51c299286eaf31cafa9dc63730be785ef0b6b790cd74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 14:17:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55342
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
980
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 17 Jan 2024 14:17:17 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 54E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsugR_2WNXnS8bkHgfSzkeSaCvuRLHuNOCNdnky5L90n8mjUBn_LlB87g_RZM-ChRl_zQ4p-J-aTxNkmpnRyqHwPSbtXwADAFW3oSFATo1TtT6oufu1SeM2CjqquYHr9_s_V0xvXJPDcwdlgxEd-hvOXV1Hu055V5KOyXva9zU77Lup9BaYjDSum5suOwqx57jr7LGku0jVHLyEfAGDwctfZID3HBpMfNSpVeOwvW40oA5iInFCoVQVnaubhLmh7Sts0tanIJAkpGHwc3zsSzOX--RREflUc4LV2E-gpwVeAaQE_ep9ZN0gc56sB-t9epRTRA_jvMW_u&sai=AMfl-YSAuoD9eop2JAPNy5TIeKPZltfqds-k24BXIHAh4TtZjf7sPte4o_VQwBZeIpDgo1FhL168b0t9x7WetlmPJF-wvVy9JHC4IHMspKn3YUJjhZXBhGRW_y38bJMJ9WMb&sig=Cg0ArKJSzCQBXCU03SfIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 54E4 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 10:36:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 10:36:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 54E4 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:40 GMT
dv-measurements3414.js
cdn.doubleverify.com/ Frame 8E18 		558 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3414.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a8a -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c5b6598bb3fd9be4f047ef800229bc4be9a8427eae76e3008d66a3a41d947c6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 05:39:40 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Jan 2023 10:41:13 GMT
Server
Microsoft-IIS/10.0
ETag
"806a3de3cd28d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109205
dv-measurements3414.js
cdn.doubleverify.com/ Frame 7D6B 		558 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements3414.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:11a::217:9a8a -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c5b6598bb3fd9be4f047ef800229bc4be9a8427eae76e3008d66a3a41d947c6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 05:39:40 GMT
Content-Encoding
gzip
Last-Modified
Sun, 15 Jan 2023 10:41:13 GMT
Server
Microsoft-IIS/10.0
ETag
"806a3de3cd28d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109205
i.match
s.tribalfusion.com/z/ Frame AE81
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKnnfDJ31GkA1aFdzijsGVY&google_cver=1&google_push=AavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrdOD...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnnfDJ31GkA1aFdzijsGVY&google_cver=1&google_push=AavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrd...
43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnnfDJ31GkA1aFdzijsGVY&google_cver=1&google_push=AavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrdODw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrdODw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78b4fdd18abc2c3a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
442
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKnnfDJ31GkA1aFdzijsGVY&google_cver=1&google_push=AavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrdODw&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0M3efxBhR3TJ-fOqLGVFfSx7NdpcKE9YxvYHYU0QQ6v6_Qt53y3DLMphERhP0ZyJw0hQd2tQuRqprOroqNQV7wJ8dhYfrdODw%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78b4fdcf98d02c3a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AE81
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WThlR0d3QUFBVFFfSlFBRg==&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_cver=1&google_push=AavPq0NpCFys289D1E38s7vhvIqXUiv_nu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WThlR0d3QUFBVFFfSlFBRg==&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_cver=1&google_push=AavPq0NpCFys289D1E38s7vhvIqXUiv_nugG8n6YUUfQ8m3h5GjUhcA0FzXsYHO4BBDA8jWrGcVU3lsgCdE7Vk6jI255k8H-GsrKeg
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-hhn-etou8220053-HHN
pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
via
1.1 varnish
server
Varnish
x-timer
S1674020380.080785,VS0,VE0
x-cache
HIT
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=WThlR0d3QUFBVFFfSlFBRg==&google_gid=CAESEA5URhbn9_2LwSIXESOTtGo&google_cver=1&google_push=AavPq0NpCFys289D1E38s7vhvIqXUiv_nugG8n6YUUfQ8m3h5GjUhcA0FzXsYHO4BBDA8jWrGcVU3lsgCdE7Vk6jI255k8H-GsrKeg
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame AE81
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEL4qwffallbg4APGkkA7Eos&google_cver=1&google_push=AavPq0Ovuw_M4bN5XRkg0v_KxA5ZTGK0D27H-kqDV4igl7B_WuM1KunU1TW2wWs5Kcy_UL0ko0e4M7T_jg1_JIuLhAkRV9m...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Ovuw_M4bN5XRkg0v_KxA5ZTGK0D27H-kqDV4igl7B_WuM1KunU1TW2wWs5Kcy_UL0ko0e4M7T_jg1_JIuLhAkRV9mwCpEQbA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Ovuw_M4bN5XRkg0v_KxA5ZTGK0D27H-kqDV4igl7B_WuM1KunU1TW2wWs5Kcy_UL0ko0e4M7T_jg1_JIuLhAkRV9mwCpEQbA
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AavPq0Ovuw_M4bN5XRkg0v_KxA5ZTGK0D27H-kqDV4igl7B_WuM1KunU1TW2wWs5Kcy_UL0ko0e4M7T_jg1_JIuLhAkRV9mwCpEQbA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame AE81
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f97sp8sOSnGYwIDpHe046g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f97sp8sOSnGYwIDpHe046g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Mm21fagNJF6Rcfo1-2UrI9R-g_-gWS7CiPN33XtciohbF0s04gnPdTxNxRB0LXM1DPzwPtA2NGrC67W7pmwBqHMoUWplJA
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=f97sp8sOSnGYwIDpHe046g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0Mm21fagNJF6Rcfo1-2UrI9R-g_-gWS7CiPN33XtciohbF0s04gnPdTxNxRB0LXM1DPzwPtA2NGrC67W7pmwBqHMoUWplJA
date
Wed, 18 Jan 2023 05:39:38 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame AE81
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFOT8u3QB0yKbiH9qhOuxho&google_cver=1&google_push=AavPq0OSjJjtQlm3toBm1bQdZgikF8IoXzEoGXQFzLclUfG8FscnzNLwHLLSLLiVff2rtuEG9xdgzVVdhBBaUZ5oG...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OSjJjtQlm3toBm1bQdZgikF8IoXzEoGXQFzLclUfG8FscnzNLwHLLSLLiVff2rtuEG9xdgzVVdhBBaUZ5oGK78oYnnavo06g&google_hm=GAVzvGZHiAds3QEsQse5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OSjJjtQlm3toBm1bQdZgikF8IoXzEoGXQFzLclUfG8FscnzNLwHLLSLLiVff2rtuEG9xdgzVVdhBBaUZ5oGK78oYnnavo06g&google_hm=GAVzvGZHiAds3QEsQse5Kv6H
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 18 Jan 2023 05:39:40 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AavPq0OSjJjtQlm3toBm1bQdZgikF8IoXzEoGXQFzLclUfG8FscnzNLwHLLSLLiVff2rtuEG9xdgzVVdhBBaUZ5oGK78oYnnavo06g&google_hm=GAVzvGZHiAds3QEsQse5Kv6H
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame AE81
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEIvPrrkBtMwrD4-xniEDbiQ&google_cver=1&google_push=AavPq0P4fT_BF2LULmsgsi0-1MlJ3vG1SpS--uwrYE6jU-fhNIHE-eo9WCHOVvuyqhYamKToLE...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RSHI1ZFpaRTJ1RjZ1MGk5VG16aTRCMy4yY2twZnBaQn5B&google_push=AavPq0P4fT_BF2LULmsgsi0-1MlJ3vG1SpS--uwrYE6jU-fhNIHE-eo9W...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RSHI1ZFpaRTJ1RjZ1MGk5VG16aTRCMy4yY2twZnBaQn5B&google_push=AavPq0P4fT_BF2LULmsgsi0-1MlJ3vG1SpS--uwrYE6jU-fhNIHE-eo9WCHOVvuyqhYamKToLEEry7m4ZedeFkJo41CgrCTS_4xVhEc
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1RSHI1ZFpaRTJ1RjZ1MGk5VG16aTRCMy4yY2twZnBaQn5B&google_push=AavPq0P4fT_BF2LULmsgsi0-1MlJ3vG1SpS--uwrYE6jU-fhNIHE-eo9WCHOVvuyqhYamKToLEEry7m4ZedeFkJo41CgrCTS_4xVhEc
date
Wed, 18 Jan 2023 05:39:40 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
report
sync.teads.tv/um/ Frame AE81
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEHvCyjwk2ho6oo5dQH3T4qs&...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=AavPq0Oni0QAjly7sWlOQG5gYwchhyAKcN0SEkk3CXwQucay9mGKkbUXPw2fo5rnC5bF1OrfGKCQqlHrbTNqupSdQTQr8366GQwvt6g
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
23.203.125.36 -, , ASN (),
Reverse DNS
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

expires
Wed, 18 Jan 2023 05:39:40 GMT
pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame AE81 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KPZg94waoRrDPWG4jj_EkrTbBaREOcNLS-nlzpOyoj1VPEkTGyNs7n-b6SJMb-kd-VLyolJZ8
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9D3A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELaGFrIZPW0PjS2POVMGjNM&google_cver=1&google_push=AavPq0O96boC1D6wfhNAnaG_3angnG1pErq5hQUBfFWsoy7HtXLIimCMcz...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0O96boC1D6wfhNAnaG_3angnG1pErq5hQUBfFWsoy7HtXLIimCMczS7Zo8Ztw_swn4CkBBPLgJuPbaHc-xuK9_8oEUIIDwZ&google_hm=pb5vrVlp28Fz...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0O96boC1D6wfhNAnaG_3angnG1pErq5hQUBfFWsoy7HtXLIimCMczS7Zo8Ztw_swn4CkBBPLgJuPbaHc-xuK9_8oEUIIDwZ&google_hm=pb5vrVlp28Fz6MxAAfLgHw
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AavPq0O96boC1D6wfhNAnaG_3angnG1pErq5hQUBfFWsoy7HtXLIimCMczS7Zo8Ztw_swn4CkBBPLgJuPbaHc-xuK9_8oEUIIDwZ&google_hm=pb5vrVlp28Fz6MxAAfLgHw
pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 9D3A 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAavPq0MT9SH6V74NlzDXoIC6itwfdT39pdAROz9dhOkx3a147wfOVZXoqe6h8GFv5JHMvRWHwgzIafeedKPu52jlcz98BjcjPdcx&google_gid=CAESEIYUH75xIIpZ3jjA9rcuCWU&google_cver=1
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9D3A
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAavPq0PUBiyS...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAavPq0PUBiyS...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAxMTgwNTM5NDAwMDAxMDY4OTA3NjQyNw%3D%3D&google_push=AavPq0PUBiySNPoFt4U10ntsRL5ZhLEmmaTDsszRVp88FG0fU1P-lxcBIlegI4-HnudsU3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAxMTgwNTM5NDAwMDAxMDY4OTA3NjQyNw%3D%3D&google_push=AavPq0PUBiySNPoFt4U10ntsRL5ZhLEmmaTDsszRVp88FG0fU1P-lxcBIlegI4-HnudsU3jJL5-a-aqMegdNS4OLfN8qVFfTWEw0
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzAxMTgwNTM5NDAwMDAxMDY4OTA3NjQyNw%3D%3D&google_push=AavPq0PUBiySNPoFt4U10ntsRL5ZhLEmmaTDsszRVp88FG0fU1P-lxcBIlegI4-HnudsU3jJL5-a-aqMegdNS4OLfN8qVFfTWEw0
pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
cache-control
max-age=0, no-cache, no-store
strict-transport-security
max-age=2628000
content-length
0
expires
Wed, 18 Jan 2023 05:39:40 GMT
dds
rtb.openx.net/sync/ Frame 9D3A 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEGnJDIXsqNUYa_QwTeLcFxs&google_cver=1&google_push=AavPq0NbyL3MXQlUy9YKM7ZWH8u0Kr7pzN8d_Oq87dWTfeXQXX9Caa1-711DedVkZJLs-E8SBev_ZRAv5kh9irhr0DI9tTQj3NVT
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
4raumq410siup154taho0m9k116j4h8g
pixel
cm.g.doubleclick.net/ Frame 9D3A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nz9i3jiJQTqanqAS_A8kWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nz9i3jiJQTqanqAS_A8kWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0MPZvePiv7zI3qcCBGPWWqDSXofdE3Tnsbte0j0AcMmfZ-jU7UpF9S7UyYotYxm3Y8uPFF_U7GAn1lmE7plhcFT93exCfj9
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Nz9i3jiJQTqanqAS_A8kWw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0MPZvePiv7zI3qcCBGPWWqDSXofdE3Tnsbte0j0AcMmfZ-jU7UpF9S7UyYotYxm3Y8uPFF_U7GAn1lmE7plhcFT93exCfj9
date
Wed, 18 Jan 2023 05:39:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9D3A
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECIA3Spa6cqZjJ78FyfHnUw&google_cver=1&google_push=AavPq0MHon9TkKhLoaNlFs4WKmHBW_7sx50MOfxoAX1ocOKJdHQXRQkKQYN9V0Ky3m_b_oF4y4t...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQxOElHOU4tNS02WjJT&google_push=AavPq0MHon9TkKhLoaNlFs4WKmHBW_7sx50MOfxoAX1ocOKJdHQXRQkKQYN9V0Ky3m_b_oF4y4t370eXcsNdRnmmjIF-wSAMWVe_
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQxOElHOU4tNS02WjJT&google_push=AavPq0MHon9TkKhLoaNlFs4WKmHBW_7sx50MOfxoAX1ocOKJdHQXRQkKQYN9V0Ky3m_b_oF4y4t370eXcsNdRnmmjIF-wSAMWVe_
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEQxOElHOU4tNS02WjJT&google_push=AavPq0MHon9TkKhLoaNlFs4WKmHBW_7sx50MOfxoAX1ocOKJdHQXRQkKQYN9V0Ky3m_b_oF4y4t370eXcsNdRnmmjIF-wSAMWVe_
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9D3A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJRnpIttTXNm759J83SyFy8&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJRnpIttTXNm759J83SyFy8&google_push=Aa...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJRnpIttTXNm759J83SyFy8&google_hm=Y8eGHAHHdOeRBRadr76vogAABJEAAAAB&google_nid=index&google_push=AavPq0PThzFBqIGnCL18ErewxAQmeKNVfvROG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJRnpIttTXNm759J83SyFy8&google_hm=Y8eGHAHHdOeRBRadr76vogAABJEAAAAB&google_nid=index&google_push=AavPq0PThzFBqIGnCL18ErewxAQmeKNVfvROGAWk7SRX9gPb1KnMamSrrYrNOBHAM-Hy93f4B4XfjqaXGARg4ClfdoaGqa4KevK9
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WWsoXsLRuSOUrMCeb7r7x0Bvoku8Ukiaf1E39bsI9zqFLOhxDEXqm2Q0EWrdlYabvcNLigMs1RbVsMK9XorXAd8HBUw9cbjIsMibrDiyEMPRvbUmCu954trKPM9lUMpPXvelo8udcwPwmw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJRnpIttTXNm759J83SyFy8&google_hm=Y8eGHAHHdOeRBRadr76vogAABJEAAAAB&google_nid=index&google_push=AavPq0PThzFBqIGnCL18ErewxAQmeKNVfvROGAWk7SRX9gPb1KnMamSrrYrNOBHAM-Hy93f4B4XfjqaXGARg4ClfdoaGqa4KevK9
cache-control
no-cache
cf-ray
78b4fdd1ac93910a-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 9D3A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KGWirkxfYqv_M9kioqqJqc2oSequFsGojiY8v2H_YQAagXOXbIeg3E7LZu--TS5tP9sdML
Requested by
Host: 08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
URL: https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame EE58 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 17:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 17:00:27 GMT
player.js
player.aniview.com/script/6.1/ 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: tg1.selectmedia.asia
URL: https://tg1.selectmedia.asia/api/adserver/spt?AV_TAGID=60e7ec078903a3059a28136d&AV_PUBLISHERID=5f69ee2786f50a6e302c104c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8fdebdb653ac2917fd6373766a74ed807b1df2b03fc20e7c9240932318bcd88f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 05:39:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Jan 2023 11:39:33 GMT
ETag
"1673869173"
X-HW
1674020380.dop220.lo4.t,1674020380.cds056.lo4.shn,1674020380.dop220.lo4.t,1674020380.cds264.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10381
track
track1.aniview.com/ Frame C6DB 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5f69ee2786f50a6e302c104c&cid=637a30c6a5b7384b2a30c874&cb=1674020380101&r=inews.hket.com&stagid=60e7ec078903a3059a28136d&stplid=637a3a93fda2bc1cf6683a53&d35=&d65=&e=playerLoaded
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.83.62.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
track-selectmedia.com/trackv2/ Frame C6DB 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv2/?url=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&publisher=5f69ee2786f50a6e302c104c&channel=637a30c6a5b7384b2a30c874&tag=60e7ec078903a3059a28136d&template=637a3a93fda2bc1cf6683a53&errorType=Missing&selector=.content%20p%3Anth-of-type(6)%2C%20.article-detail-content-container%20p%2C%20.template-default.hket-row.feature-topic%40before%2C%20.template_item%3Anth-of-type(4)%2C%20.items-area%20.item-area%2C%20.realtime-stock-market-indexes-area&selectorPriority=0&p1=p1
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.6 -, , ASN (),
Reverse DNS
Software
fasthttp /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
via
1.1 google
server
fasthttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
integrator.js
adservice.google.de/adsid/ Frame 9C8E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 -, , ASN (),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9C8E 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=inews.hket.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9C8E 		333 KB
35 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3527826757056788&correlator=2709928529076685&output=ldjh&gdfp_req=1&vrg=2023011001&ptt=17&impl=fif&iu_parts=21927187246%2C549921_hket.com_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=1373936127&sfv=1-0-40&sc=1&cookie=ID%3D3e60d30139bf569d%3AT%3D1674020377%3AS%3DALNI_Mbp2zYSQ5IdlTAKieBSTQb7F8Of7A&gpic=UID%3D00000ba4a3d57d02%3AT%3D1674020377%3ART%3D1674020377%3AS%3DALNI_Ma7GyIoHEMBuOx2sQizeZxrOzLgNg&abxe=1&dt=1674020380373&lmt=1674020380&dlt=1674020378836&idt=1270&adxs=637&adys=2709&biw=1600&bih=1200&isw=1&ish=1&scr_x=0&scr_y=0&btvi=1&ucis=yon3qxximc0t&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&ref=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&top=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&frm=23&vis=1&psz=0x0&msz=1x0&fws=256&ohw=0&ea=0&ga_vid=383476091.1674020377&ga_sid=1674020380&ga_hid=1369986966&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd613120d73632e2cd2695221af7e32ff44f3a395435578eb444f2d5a453bcf8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35736
x-xss-protection
0
google-lineitem-id
5939040204
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138383445689
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://inews.hket.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e1056743d6f65dd29dd2bd1d16e6e1d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F344 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e1056743d6f65dd29dd2bd1d16e6e1d2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:40 GMT
expires
Thu, 18 Jan 2024 05:39:40 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame CF04 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
30916876
x-guploader-uploadid
ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F98L24XazGJkbaOBNNn90ImWUG7W2pZ8mngQB0L59tfZkcZm8NxiS2dOsemeBr3fttCMaouZMgv53nK%2FYyu3s%2FFVIKtNXn%2FBQ%2BkKa0FhotAMPH3XPq7jCEVbRGmxM3bPYM1P5A5P3mtVIc6B%2FxdkdaT7"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
78b4fdd18b8930d8-FRA
expires
Wed, 25 Jan 2023 09:38:24 GMT
OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
pagead2.googlesyndication.com/bg/ Frame E9C1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/OU_aD-3-G2pcaJqwlUagl315JVS_daCE4k47Wxj7Xso.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 17:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
45553
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16095
x-xss-protection
0
last-modified
Tue, 03 Jan 2023 14:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 17 Jan 2024 17:00:27 GMT
frame.html
ad4m.at/ Frame 86CA 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1848865
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78b4fdd19eed8ffa-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 18 Jan 2023 05:39:40 GMT
expires
Sat, 26 Nov 2022 23:36:57 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RUT2lrfV6K7IMPIa3M4OKeFzPb4o8dDGN78wR2lsdj%2F95vwDZy12u%2BrdQDIIiWgV2xlGz5wL%2Ffy3R%2FFsBdWfv2RLaIZtVTEt3eBoDOjlotI9PfD9vhDYsKUxvXnavF5EYdlPLAI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
frame.html
ad4m.at/ Frame AB69 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1848865
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
78b4fdd19eef8ffa-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Wed, 18 Jan 2023 05:39:40 GMT
expires
Sat, 26 Nov 2022 23:36:57 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRc1FKBI7PfqL48bQr%2BrDtBE2QPgCWthMOkHteBmiwMMH6pbPJURIyS4aV790mFIEs8bsrerfG6aC67vhIryqKllviGxuz36XjcHaWHUdVFq5z5Iwk7vgCthMAvTpRsuTRPDBQc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
chevron.png
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/images/ Frame 8F23 		190 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/images/chevron.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/styles/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 06:27:16 GMT
x-content-type-options
nosniff
age
601944
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 06:27:16 GMT
aldine_light.woff2
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/fonts/ Frame 8F23 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/fonts/aldine_light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/styles/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 10:06:53 GMT
x-content-type-options
nosniff
age
588767
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24316
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 10:06:53 GMT
visit.js
tps.doubleverify.com/ Frame 8E18 		1008 B
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=394&ttfrms=38&brid=3&brver=109.0.5414.74&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3F6HD%5D9%3C6E%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3F6HD%5D9%3C6E%5D4%40%3ETar9EEADTbpTauTau_g7_5ce%60b66c64g37caac33ecdgeeadg%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3A%3F6HD%5D9%3C6E%5D4%40%3ETau2CE%3A4%3D6Taubcbghad&srcurlD=0&aUrlD=-1&ssl=https:&dfs=301&ddur=612&uid=1674020380468567&jsCallback=dvCallback_1674020380468881&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.74%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3414&tgjsver=3414&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=17&brh=2&sdf=2&dvp_epl=299&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=28887302&sid=443002&plc=353276808&crt=182017995&btreg=544407136&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=1621248200699.5051&dvp_tukv=54188068.0060263&dvp_uuid=524240194.3453427&dvp_strhd=0.7999992370605469&dvpx_strhd=0.7999992370605469&dvp_tuid=1238110327931&jurtd=2454100432
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3414.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.25 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5546ef4fe55e4ac52b2529ab6fd4d567b3297ed9153f03e15e9895b9daef56f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Jan 2023 05:39:41 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Expires
01/17/2023 05:39:40
config.js
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/config/ Frame 8F23 		944 B
556 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/config/config.js?r=0.05116006352447422
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
153ad13938fbd67629df67b2c2836633ee74b91a4afa26547d17a8f66922a107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
527
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 05:39:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 54E4 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVy9fK7wwX20tTI1RdLpIiJeIVez6WPe2tiCN5YLQHAHTJrVhhK5wnkbH06dRA6U5Qa2fXSu9IE0RKtbwQZbqYsN2KZi3hUzXXKdWZHWFA_Qp-2natkCIDgMbpiuMzgWOwqH02XKt_h2Yp1Kwel9iSkTtk8TMK-K7gf3aG4CpOzDLed1aF-oki6UqdGmm2c6LR2gx_zdohm5etKQ0E6q_4sDXmgZ4UswwyNOsw3y573pFPgkwWQAIJvWVHpnLWVZjHA9w_LkZr-3AZqX9cKCFJoQQjOY87jlUnw_Bu4GWlgLT-Whl64nrCycn-iKyVpM9Y9ckOLPjHaZE&sai=AMfl-YQCIqY_527E6zm5yAcqgbUUcorNbWHK2eTckOHTakUVgKuUgraFji-ifMCXQskcgGFNa72CIH7t90w3lhhPCf15tiH2VNUHwA1zi9XxZS66CloyQBeMZWdITbxBUtRy&sig=Cg0ArKJSzKX6wlKlffsSEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame DFCF 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsurCeyE8bdwjSt0fLw0w8WvNeAGOeQAA6igKf-GcOFcVbLRPA9O_EpfwjcwC6jqJxolnvIEpod6WIJAPjtsPMb-8LIHCWaOPcrVx8V74ho03oIjW6EajqxxdfonR9x_JNKP_IKU52m_EFmk0aAgNOjrVhYVbmXuaMDDOZdcHswXEwkTcYyuJXOCQWojlN-r1DqFA9V8ryiTZXKBCUEfNRvftHeNnZdxmqKzsA0lBPUTK7950UL9wXZbGsDpARaAw5az-kd2IY0CzYj1tVPPb1NAsPEQS0QF_vsgxtluBZX_hJU9UfgUb951D8tRr8t2NuBdg6A12T7NCwVdf7dWJesn-A2wjJe4Deo&sai=AMfl-YTvggiv0aEN5CXgFGPncsHiNi64Lm6SdQyj-qIg1FgEfcS-FMJTx0RbNHsxuFs56FVRmUVk_FdWc-zwI15Q6cEDn38kZqliAm74Bx6JI1pahVTfjHbzwHcqMt7y2tsI&sig=Cg0ArKJSzJV060U0D7UAEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame DFCF 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76c6d47763b287f92fc311096fde139b91400e1f5214fca2b4b6ed77094368a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11095
x-xss-protection
0
visit.js
tps.doubleverify.com/ Frame 7D6B 		1008 B
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=471&ttfrms=6&brid=3&brver=109.0.5414.74&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3F6HD%5D9%3C6E%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3F6HD%5D9%3C6E%5D4%40%3ETar9EEADTbpTauTau_g7_5ce%60b66c64g37caac33ecdgeeadg%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTau%3A%3F6HD%5D9%3C6E%5D4%40%3ETau2CE%3A4%3D6Taubcbghad&srcurlD=0&aUrlD=-1&ssl=https:&dfs=305&ddur=591&uid=1674020380534105&jsCallback=dvCallback_1674020380534910&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F109.0.5414.74%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=600&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3414&tgjsver=3414&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&fcifrms=17&brh=2&sdf=2&dvp_epl=299&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=28887302&sid=443002&plc=352921673&crt=181655972&btreg=544401832&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=12278515613.673208&dvp_tukv=29050146527.61209&dvp_uuid=228958286.03990683&dvp_strhd=0.39999961853027344&dvpx_strhd=0.39999961853027344&dvp_tuid=688808182746&jurtd=3935214180
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3414.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.25 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
28917fe73c4bb5e6c16897c992ce0c8ead44fe23ff5230af9f2eef2cbbfd88e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 18 Jan 2023 05:39:38 GMT
Content-Encoding
br
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Expires
01/17/2023 05:39:40
view
securepubads.g.doubleclick.net/pcs/ Frame 1038 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKSogsXMJU8BTBVussVIzcEdDxySGEDkkeDKDiDVoOgmj69-nkdI0nsoIRGzeR9_Bw3sw8CRb-a3mMH89RTEltwjyLCVMZG1RnF8TWNDb0bsuS3mh0y4DkTvzHOEhHDtxaq5QExKy8P8ODRf7rD5Y4KPvOdM6copHhPTHBWy8a6AiIyqhP04UEkewdXA1w2_v8hCdLr7OUE-LlGazTYjloL0YVDjpQR19Wvh98T3EPTpwDWxCftR7IX75w0yNw_2Ci6_9Q5RBzy7_3NO5FfYkl-Tjjy_DFp0B5QpTaej8Be-NNwDbO-7AhrnGo64cbHfesLUBJiAZz8jNmog&sai=AMfl-YQ75rnu4O7WHgTT8DP5rliv1B9KfqCN2zV2CLUR1LwE0lEUYEpksCNnwA0IrgqV4gAJdcY8jTRFOjJETshi2z1pLJ-xe4mXBeT9d-ZfFRQJ-dDZE1JNF5OQ4SggTgXO&sig=Cg0ArKJSzE5wMIPjC_T6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ Frame 1038 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Tue, 17 Jan 2023 10:36:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
68589
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 17 Jan 2024 10:36:31 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1038 		157 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49309
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1673441803913192"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:40 GMT
chevron.png
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/images/ Frame 5BA2 		190 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/images/chevron.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/styles/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 10:05:56 GMT
x-content-type-options
nosniff
age
243224
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 10:05:56 GMT
aldine_light.woff2
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/fonts/ Frame 5BA2 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/fonts/aldine_light.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/styles/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 10:04:29 GMT
x-content-type-options
nosniff
age
156911
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24316
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Jan 2024 10:04:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DFCF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame C6DB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuv8a05e8j2SlqXNLfvSjHxbapXSvbIyO_vVPRgc5imdZwgtHqbCHPbTbTtGOTMw1OkyABrUzii5mkPhBnJzBW7ZoLlkukTTFQlHNX1U7K8cxYC9pysTowymCU9PuHwoFdiveLpuMjFnkZ6lhK803gSnCeraJ3Bu_rKZzP2zrJHR91sSe3gwR8QZ8TsAjJgCwKWgvgSDZ8-gS9eN9shTts44KQWfjPmoBYFAc7SVaod63_mJlMHq1KYvR7Xkfit1XEq7-VA4YEv0CHb36XMVffZ9Z-rQZVi1fXt0LWhGRsMzc18IjIXfImpP-Oi07n64Bja8RgfFOQckR7IX5s9z1jvc1YXmZiYBkOl&sai=AMfl-YSAr15r96FK0_MCm19qoksEAgGAdOD1Vgp9rZVAkj1Or8YmYp6b_cQUh-Kc5pRGP2XEG5cdI2x3DbEftfqNOvFFR-hlAnaDG90hMssjooH3GEhPXcOvYyaSnK2-Z7kl&sig=Cg0ArKJSzCI6YD3hAX9fEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:40 GMT
config.js
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/config/ Frame 5BA2 		732 B
498 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/config/config.js?r=0.2549959410733367
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/logic.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
251e23220f8b0c7dd2a363422610e911ca4a8ebb0ec036d32d821dbb5dbc0da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
466
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 18 Jan 2024 05:39:40 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame 7BBD 		432 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f69ee2786f50a6e302c104c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ca01b2bf4b39731266cb0b009375ced6630ecc36b7623802f47036fe172499d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 05:39:40 GMT
Content-Encoding
gzip
Last-Modified
Mon, 16 Jan 2023 11:39:33 GMT
ETag
"1673869173"
X-HW
1674020380.dop220.lo4.t,1674020380.cds056.lo4.shn,1674020380.dop220.lo4.t,1674020380.cds274.lo4.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=600
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
118542
coupleHoldingHands-tier1-874x108.jpg
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/images/ Frame 8F23 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/images/coupleHoldingHands-tier1-874x108.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
12b80fdc79fc51393b9f956c71cb2a6187bff74aad1ba070982c5ef05058561f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 16:09:13 GMT
x-content-type-options
nosniff
age
135027
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17958
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Jan 2024 16:09:13 GMT
connector.png
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/images/ Frame 8F23 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/images/connector.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 10:07:24 GMT
x-content-type-options
nosniff
age
243136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76141
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 10:07:24 GMT
aldine_light_italic.woff2
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/fonts/ Frame 8F23 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/fonts/aldine_light_italic.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/styles/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 10:06:53 GMT
x-content-type-options
nosniff
age
588767
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26720
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 10:06:53 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 1038 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyyn7cxTCDpBYiw1jzQvp8S-o31x4GSkM0oA98bRvdXiyWvFcbLPTZu_E6X5tR2xAi7F52b1UfbrZPV-liGlNX-XNW34vAtkN77Y2r3UsesyrdHk2wZA7wntDwoE1PlnAFSjJpObWbv5RH5AW0bcNUaFv7MREJZRff0dR4-W-_SnpRd-hW-p2mkBneYItGDvYHUkLJHQdRm-_fcM1CtiEsSkDPM5MQdb3fVxLdSyE70YIu4x-lGPPWwXtBLs0DFghc0IN9lQmEq_D8U6LuhiqSy_jsE2s7m05bVv3BGyhYuu8uUxBYuX6v6VzJbLfknF7xe4ptOsKn7vIZUCZu&sai=AMfl-YTaucQc1odkXOTwTzo4YeH1L68GiF4lmC6D0lKMDDxKCQPNV9gBCMm7CrwuXU8K_J3D11iGvAwKjQgJKcpHz0AKPJph6vtKtM6Xjv58223ZFBWLI-t8R5wGSmXBSt2a&sig=Cg0ArKJSzDakq_Yl04YOEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:40 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9C8E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswllncZbIXhCRTsfIQUDxcnDD34JAPdxwOgFOD0fjH1It20DeocX4gAOUAty1hDUofouJ9903Dp4owm3iaQsGIOBLvfKQMPKyxJCpJl-1sAC0oimvCGzD1bqeTf_bA-GjRfasnAuAJdGrC41k4e6-sK2ZiXBAVrs_ZgLTNhIhArAnVzALEQjpCGCcLjx-ZhNe9AmHCnq4JwDj70ybHAfpNHE6gAhBbYMoVNkCNLHeOPnjVdQQZ-arljLGO0fvwOhoMPLi7ybtlrbYtkWwutaIMQrMSMSbBNWhUjE0fnNNwnf0WebnNTOhT4EpTDLJmfUfRVtcEWY6JRybcfvBVU-Kmy91Qv2bo&sai=AMfl-YSEI__-ZqlEpj2e7arfVwg1Bil4ZbGg1n_XkvKBgeaA8sCMX3VVQSb00veQvItZGeM9QPwy6ZEBES9bmPieBm4akDL2UhR1Pm2WWevsjbnS8nstVXhJ5f08JdXvtilU&sig=Cg0ArKJSzAQ9VLYHJbL5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:39:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9C8E 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011001&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc54bb80c94127617cc0f018af91f09c6e2906affafb3a09191cdf2d574a0397
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11075
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7061 		13 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
24416
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 22:52:44 GMT
expires
Wed, 17 Jan 2024 22:52:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7A4B 		783 B
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-seLhtuS8tMRG4beZVAAg1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-seLhtuS8tMRG4beZVAAg1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:40 GMT
expires
Wed, 18 Jan 2023 05:39:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
coupleHoldingHands-tier1-360x720.jpg
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/images/ Frame 5BA2 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/images/coupleHoldingHands-tier1-360x720.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06aa0595d899b7218859aeea75cc08f72856ef5e57947b7c267f73a85ced0c15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Mon, 16 Jan 2023 10:04:29 GMT
x-content-type-options
nosniff
age
156911
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49958
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 16 Jan 2024 10:04:29 GMT
connector.png
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/images/ Frame 5BA2 		74 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/images/connector.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 10:05:56 GMT
x-content-type-options
nosniff
age
243224
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76141
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 10:05:56 GMT
hotel_names.json
s0.2mdn.net/json/ Frame 8F23 		43 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/json/hotel_names.json
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/scripts/custom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:29:17 GMT
x-content-type-options
nosniff
server
sffe
age
623
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:44:17 GMT
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type
image/svg+xml
vidsplay_auto_pass_pre.txt
play.selectmedia.asia/58fcbed1073ef420086c9d08/61ee65872a8cca2e222014bb/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.selectmedia.asia/58fcbed1073ef420086c9d08/61ee65872a8cca2e222014bb/vidsplay_auto_pass_pre.txt
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5f69ee2786f50a6e302c104c
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f0e -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
91946212df335b6ff69f60002e3681e7ff5f95e2b2c2c6397a55128daaffbbae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 05:39:41 GMT
Content-Encoding
gzip
X-GUploader-UploadID
ADPycduXHmsT0KxuBt2YQR8oDAV6LynMUbf7UrQvHD3w18MptCYoprBFb3JIKDDcbHki6hukdqzNOMSOoPvcZ5lWbkMzXgRQ3Bzp
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
1085
Last-Modified
Thu, 16 Jun 2022 10:24:04 GMT
Server
UploadServer
ETag
"a6155ee0fc17b8949feb30f9078476da"
Vary
Accept-Encoding
x-goog-generation
1655375044784411
x-goog-hash
crc32c=ipMucA==, md5=phVe4PwXuJSf6zD5B4R22g==
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, range
Cache-Control
public, max-age=1800
x-goog-stored-content-length
3151
Accept-Ranges
bytes
Content-Type
text/plain
Expires
Wed, 18 Jan 2023 06:09:41 GMT
/
go1.aniview.com/api/adserver/tag/ 		0
0
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=inews.hket.com&sn=&ic=0&tgt=0&app=&wi=640&he=360&test=&d36=6.2.74&apppkg=&fv=3&proto=https&clsid=67711c1c-1359-43da-9c43-3056b5299462&rando=17&pid=5f69ee2786f50a6e302c104c&cid=637a30c6a5b7384b2a30c874&stagid=60e7ec078903a3059a28136d&stplid=637a3a93fda2bc1cf6683a53&e=inventory&vi=0&cb=1674020380864
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.83.62.214 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
rs
ad4m.at/ Frame CF04 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
c940b5d6fc4e7d2f6b146c721f7d41698aad374e429f75f24af28a1ad04c5f00

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bse9mp3BNMdH7TtpEhCGZ%2B7SuILBYui5cJQJyBeZgXQV54P%2F1JN00F4OvQpaDTak77FQla9NHhH%2Bq%2BO5SDhu%2BnLT4ZjRVFkpW4N6O1LLp6I0t78anulL8E8EQXNjw6LO8DFNWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
78b4fdd4ccf691fc-FRA
x-backend-server
aa-reachservice-group-europe-west1-gxt5
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 5206 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2acd82ee52e265eae032ffcb67857ac6cab1cc111b5190f104c6271c9a6826b6

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QCZg%2FtjULnhLmU1EIsuJ3yq8HQ5f4uJF4BGZ3PBDwjr65nzDWhZUdVJDjKTUcBWSgqKsw02ZJl90%2BZn8gm2ExDQ6YKFe5zAwLGWM8ywR1%2Fh4935qnyTzV%2FdR5mc0bb8sard2fNQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
78b4fdd4ccf591fc-FRA
x-backend-server
aa-reachservice-group-europe-west1-tv6f
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78b4fdd49cd591fc-FRA
content-length
24
content-type
text/plain
date
Wed, 18 Jan 2023 05:39:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKPeavem8jNr4y%2BQuPzo6MAsWhnwAbFcgOmSiX2UUlTzF1MPUdy4RkN1zhmsrKj50mraXbZpxTUNC32ber9cYskyq%2BBGC2dePBp0jBe7rvSdT4U3IGYnlDAq0BPcJ%2FpeV5c%2FqVo%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-gxt5
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
78b4fdd49cd691fc-FRA
content-length
24
content-type
text/plain
date
Wed, 18 Jan 2023 05:39:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWQFOeUuCJhpR2wWCDbY3iGD4xIelOTHqViFqhl1WKlbpi80d%2BwSpb6NyrkPrycvs2CpCQjEv0cwxQrcZ88cIh%2FTsucUqDF8fq4Djet%2B5EXwO9RERQjQTram2Ec%2FruYO2ji%2FUl8%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-gxt5
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9C8E 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 18 Jan 2023 05:39:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E14C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuIEhFABaAUfyJx54zXXsTdhe6ZJuHv7JYQfxrgKZbXYKZyWQ96u98EkUfBGEUY9rN-ZJ46R5IKcOwFFbJBR4zhbiVgL-5IyIAorKeWD9S5oSRKH36qhDB6P6gSpRR1mKdSRmJzkoIX1EKF9dL56oB-Ey7Bq3UUgbUJmv6r6d4YCsPNRnxBlTg0fJS63Seh5kpkmvU-fuIz&sai=AMfl-YSl5YRHpgaZJkyCW-gEocXu65vPVC2xgVskdhVMcXDomMf8Devf0JKb4PxgTbxbx8OrP0uqcu04cuBZJDQh5c5DkMbZc8DQ3XD9amD8lteyqeP4YQBZEukTs21zkw&sig=Cg0ArKJSzE0mhx8OWd9jEAE&cid=CAQSOwDq26N974o112-g9uQ1aYunTA2ruGns02HXEzDymALbjufRDCZlg34NMfjBHatJf7e3-JUry9aJ0aY_GAEgEw&id=lidar2&mcvt=1080&p=363,1160,963,1460&mtos=1080,1080,1080,1080,1080&tos=1080,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2412761339&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674020378846&rpt=970&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame D700 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUlZYBV89U3S8brdpWtQ_OSzEVr98zMJMyuyIvmnDXkMd69HnlwFuzAmP7b4-1EtPHhN4r-MrKIzPQSuXuD6PSa3x63dzLiUp0COuA9O4_IdXHvBecHlHuuWSa0XRs8z96PTDndCcvb0u0EpyW9KfOK1pQVCeGiARk27HLHrKtNRbos1nXM2GdioLE6PncWql8m6QVwnCD&sai=AMfl-YR40BHNW9Ld3LzffR8UQU87VfydKi-WKEWfjdVZnkExfbsYOXVpmqu0AkFw2EceFUIVBOLphntE9-r4xRm72VxJ9LSfLFEPJjMy4_iPw7ECLc4et1ziQTbdinxMHQ&sig=Cg0ArKJSzHHu9Y2MkC7EEAE&cid=CAQSOwDq26N974o112-g9uQ1aYunTA2ruGns02HXEzDymALbjufRDCZlg34NMfjBHatJf7e3-JUry9aJ0aY_GAEgEw&id=lidar2&mcvt=1082&p=95,436,185,1164&mtos=1082,1082,1082,1082,1082&tos=1082,0,0,0,0&v=20230111&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3110530066&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674020378829&rpt=920&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 18 Jan 2023 05:39:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aldine_light_italic.woff2
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/fonts/ Frame 5BA2 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/fonts/aldine_light_italic.woff2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/styles/style.css
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 06:26:49 GMT
x-content-type-options
nosniff
age
601971
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26720
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 11 Jan 2024 06:26:49 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame DFCF 		0
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 54E4 		0
0
prebid-custom.js
rtbpass-us.andbeyond.media/ 		579 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass-us.andbeyond.media/prebid-custom.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date
Wed, 18 Jan 2023 05:39:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Sep 2022 05:05:05 GMT
Server
AmazonS3
x-amz-request-id
W476A4Y2Q9X1T9X2
ETag
"9fb8da6fcf32018d4c93d5df53a0b36d"
X-HW
1674020380.dop252.lo4.t,1674020381.cds089.lo4.shn,1674020381.dop252.lo4.t,1674020381.cds315.lo4.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=20474751
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
180108
x-amz-id-2
wuZRXnJU+lZWKzYp/Q9LavzF1aHvRJFRz8oZwueTuIkm2s/a4iLPuBFHYs75UsgPE9xRyiSSu4M=
apstag.js
c.amazon-adsystem.com/aax2/ 		179 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: inews.hket.com
URL: https://inews.hket.com/article/3438925?r=cpsdlc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 04:56:56 GMT
content-encoding
gzip
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Tue, 17 Jan 2023 22:31:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
2565
etag
W/"09722bdf068e1f62e3d9a9e39a8dde87"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
0YXUu7D74Vcb1zfRrdOzopUENnp7JXX_WrTUNH3Bc81AaFtw0hzhyQ==
rar
as.ad4m.at/ad/ Frame C07D 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=22451&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV&c=320&d=50&e=&g=349ad5d528f47fe8cb37ca6f15d6cd4d%2F16884170306485953979&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1674020380942&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8224arvftmx6ayrm81s12ey2aa7qpd88mmqawtb40d13wpvw7v5aw99a0bzvae1ysav0vfbtqxz3pxyt44mvy99afprshn1yace8z8zsjqmr1xgk26k72ja6qb8g1mtnzd0hmxmhdeg8xqj1ae6ym840dkf8e6yk433znes7ke1srtht95ca8rmy2w2vxwx9b54caqrf88jaba3jddg1cme802kx9a2qmbmqajyyvgrsd6v333d4qe53f8mw4mfh6aggry0k8bz1axc0cqafr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ed8e615dc00c73098b49dd59279c21dc80d3b849b3a03efe45bcb0d4d8fe23c
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1h7rt67gtd2zemrg8tyf78ydgkjz1wpqbptr87s4jhrg336vxgp7sqeajjr9b642x93wjd75q9gr9bzj7kj81np32ad16rvv1e3k7ctz902vg7v1dqamz2hny3a96hvajt7ac119qyc5z0wb70vq3h9a9btgynxbefb5dszk6ad3dyb4tfqmvsey3ja9r3n80thqxpaq23qg1syeaajbbmsm8vzk48s3g956bhf8ec43k5sjnxks6fxpe10c90ztnenpf4zh9mpxwt6d3mp3haxjp97kxpqh99zy1sxjjfcs11y7g2hnswjp2v5ytwwnf3g921gw71vg1b3wpfb33rermkdf014b0q55f75ma4cfpej1p9h69ejp2mg4hcd0m3xsrg7f8tnbmhhdn6spypq926qj58gngn4v6kkzb259kspd9t6b0tsn8xfx1j8c7k5abtb8&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%26client%3Dca-pub-9387637170231181%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78b4fdd519f68ffa-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:40 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
rar
as.ad4m.at/ad/ Frame DFCD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
488dad46f21756e1e4b6f48b39e4aacffe5f15fc2be403311fa856e999930b77
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1kdmf9xm4q5kdzsr8nkg3z0vhwfdv4mdh88j6gp4hws9mq4xzp65v1fxkyy56rdqrh7a8yff77jcpk2n3g3yzx3ftmvdpm0dgpj0fzyf9sp2jpqnhcb4rmyc042p53dghsdqwat37332bra6y300rmv11jgprv49341qk53545jr0eddnkmxrxng0ztcnhsw7vcj9reyhdkfd42bnmsprq146h7xpn5ndbv1fzrqdd9nk0yay7pn2ya5ahwbppynhp8s0jzyccs76j11a33p19btnf6q3s4a2k2bwgeb9kxcjmsxym3bt81yeak2dmtqp54yfg6n5hdcc1tc0ffaf552587sea504x62y4pqt33wvkqpawn5ch50zf0ehae8158qgc86ggscfp0v1qkwr5925szacyyf4qrghxzt75wp2m75ksyppagberetfz46zb3q8nfn&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%26client%3Dca-pub-9387637170231181%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
78b4fdd52a018ffa-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:41 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
logo.png
s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/images/ Frame 8F23 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/images/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
085bf9ca7dac86b02f69100debdf190e2a26033a81436267724f1d3de91b2a1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 10:07:24 GMT
x-content-type-options
nosniff
age
243136
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1673
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 03:26:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 10:07:24 GMT
hotel_names.json
s0.2mdn.net/json/ Frame 5BA2 		43 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/json/hotel_names.json
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/scripts/custom.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:29:17 GMT
x-content-type-options
nosniff
server
sffe
age
624
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Wed, 18 Jan 2023 05:44:17 GMT
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame C07D 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV&c=320&d=50&e=&g=349ad5d528f47fe8cb37ca6f15d6cd4d%2F16884170306485953979&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1674020380942&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8224arvftmx6ayrm81s12ey2aa7qpd88mmqawtb40d13wpvw7v5aw99a0bzvae1ysav0vfbtqxz3pxyt44mvy99afprshn1yace8z8zsjqmr1xgk26k72ja6qb8g1mtnzd0hmxmhdeg8xqj1ae6ym840dkf8e6yk433znes7ke1srtht95ca8rmy2w2vxwx9b54caqrf88jaba3jddg1cme802kx9a2qmbmqajyyvgrsd6v333d4qe53f8mw4mfh6aggry0k8bz1axc0cqafr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=22451&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV&c=320&d=50&e=&g=349ad5d528f47fe8cb37ca6f15d6cd4d%2F16884170306485953979&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1674020380942&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8224arvftmx6ayrm81s12ey2aa7qpd88mmqawtb40d13wpvw7v5aw99a0bzvae1ysav0vfbtqxz3pxyt44mvy99afprshn1yace8z8zsjqmr1xgk26k72ja6qb8g1mtnzd0hmxmhdeg8xqj1ae6ym840dkf8e6yk433znes7ke1srtht95ca8rmy2w2vxwx9b54caqrf88jaba3jddg1cme802kx9a2qmbmqajyyvgrsd6v333d4qe53f8mw4mfh6aggry0k8bz1axc0cqafr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
159749
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tv7LAiPhY87y%2F6BpG4Dl7D199ehcGbIEJF2xu1fEBPG%2FzN2%2FofOhXEWE5gC3giNKx07SZ15eEqPyPy%2FtO16cEZdkIqaplEvBa2jtDibP45wiDUP3Wp70AbnGugy1rUVNsFxgpO8O21Y%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78b4fdd58a618ffa-FRA
expires
Wed, 18 Jan 2023 06:39:41 GMT
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame C07D 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV&c=320&d=50&e=&g=349ad5d528f47fe8cb37ca6f15d6cd4d%2F16884170306485953979&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1674020380942&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8224arvftmx6ayrm81s12ey2aa7qpd88mmqawtb40d13wpvw7v5aw99a0bzvae1ysav0vfbtqxz3pxyt44mvy99afprshn1yace8z8zsjqmr1xgk26k72ja6qb8g1mtnzd0hmxmhdeg8xqj1ae6ym840dkf8e6yk433znes7ke1srtht95ca8rmy2w2vxwx9b54caqrf88jaba3jddg1cme802kx9a2qmbmqajyyvgrsd6v333d4qe53f8mw4mfh6aggry0k8bz1axc0cqafr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
647984
cf-polished
qual=85, origFmt=jpeg, origSize=16723
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T97QesZfPmFTVpOq%2Bojh%2BY722fQJW0GQde3wgEtHbuY4mfqPlj2%2FlpUUBbHl6o8%2Bmtttw5Agwylmisls50OZkXdSe2v7iODRg0tPmppZuyFsicODOI3kZ7D2yv4sq7flrmqdyn1jL6dYs49a"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78b4fdd59e209b1f-FRA
expires
Thu, 19 Jan 2023 05:39:41 GMT
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame C07D 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=22451&b=Px5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9&f=bMAtQfZfmzVaYHbHzt8Cpb1tbSJTMdzuKqMV&c=320&d=50&e=&g=349ad5d528f47fe8cb37ca6f15d6cd4d%2F16884170306485953979&i=25174&j=16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach118_EXTRAPUSH&r=1674020380942&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1js8224arvftmx6ayrm81s12ey2aa7qpd88mmqawtb40d13wpvw7v5aw99a0bzvae1ysav0vfbtqxz3pxyt44mvy99afprshn1yace8z8zsjqmr1xgk26k72ja6qb8g1mtnzd0hmxmhdeg8xqj1ae6ym840dkf8e6yk433znes7ke1srtht95ca8rmy2w2vxwx9b54caqrf88jaba3jddg1cme802kx9a2qmbmqajyyvgrsd6v333d4qe53f8mw4mfh6aggry0k8bz1axc0cqafr%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCzdU4GobHY575AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoElAJP0ORworuMb0fTEP7VvFUP-niJ9zwulYy4g32aa7l5lDbG_-OO0UmrfASuec35eN96vy-8Lz7e6RcKF8Ab0BOyX81Tl0_cl9txhLNtcAmLGYcrRCFHQl2huY7hfqupBkEmvZRxHnuaoxDVfUE1ivsR12RSQHdLHUUTHYPPaoLzggbBNIRmnY1_w1EnooLyg2ajRJ49xt-y8Yqa_GEvnxdMScwayAGB8SX3QpNedLDOR4NYnG1K1d5My2TsUvu0-79vtrIrXDkpQKBe685miYeDIYS7DwGi3r-KoWwJ1Qjw56TkkxGrSZhx-Ct3Xd7h-8P3_s92Ccx4H8YJJyyixSoxlIXrz4FPKFKDvdwFijjWY6n_8_7gBAGABsXvqpes6vKmHKAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2gHV6SwhRhS6kMjFVTMwY5XbJtvg%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2021512
cf-polished
qual=85, origFmt=jpeg, origSize=81547
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30226
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Apr 2020 08:50:22 GMT
server
cloudflare
etag
"f7c8b1c28756e1f042414e043a02e1fa"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DnNEE0EwLdlwzXjyW1K%2FMtrAcXwuwM%2BX1RJ%2BMCiV2AVki44z6DdZhKAgNhW6IxLUw1Eof%2F7Y68Y06IMZs33NUGORI9kPevBsnZMQBNtgyT76x1hoBnwx8TYe3cZaPf1HEECxWQ7h9hVhzbU2"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78b4fdd5daa08ffa-FRA
expires
Thu, 19 Jan 2023 05:39:41 GMT
B22845801.273544483;dc_pre=CJu7qPGz0PwCFViVdwods5oEOg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/ Frame C07D
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJu7qPGz0PwCFViVdwods5oEOg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C557 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
24417
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Jan 2023 22:52:44 GMT
expires
Wed, 17 Jan 2024 22:52:44 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 02C9 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WVJn9Pt-VPUW97UcuZYpng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://inews.hket.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-WVJn9Pt-VPUW97UcuZYpng' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 18 Jan 2023 05:39:41 GMT
expires
Wed, 18 Jan 2023 05:39:41 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.27/one-ad/ Frame DFCD 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.27/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1670930538
age
159749
cf-polished
origSize=91628
x-guploader-uploadid
ADPycduR5Ol9pg3grc4HAIdmrbMEndwceyBRaKPEzp4btA3cKENGM-ZcNqNRgrH_pFRA6eQ6LFPYNJBaKno_nvJ48NOr
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 13 Dec 2022 11:22:46 GMT
server
cloudflare
etag
W/"575def06e70febb0cbd25403e37880bf"
vary
Accept-Encoding
x-goog-generation
1670930566724484
content-type
text/css
x-goog-hash
crc32c=ttlcew==, md5=V13vBucP67DL0lQD43iAvw==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l7dqjV5SQbP0JcDwT1QFfgCiZOMbMtXIIBnlK3zYkNlafItWdWKyZU1hWXQQwHhKtM1IkAA7%2FOUCy28JHwd8ypUrLCdUlI0JAiW%2FFc%2F58Dxd96EqIS1wwy08ZIoe%2FjOcjYag3ZkUoHI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
91628
cf-ray
78b4fdd59a718ffa-FRA
expires
Wed, 18 Jan 2023 06:39:41 GMT
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame DFCD 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
317824
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omuOmFAT6wSbmpfYn664kPMDdwa8XGXNIXED2Pu1dUJAppF6PPA3goHq%2BVfE5Q6yY6ghRmkfOywtcGKfViuxPrMotwfn9QOPKEvgPKqh5xWfKisTfDlIjMYk%2F9z1Mb4gIq8ROGAcFtaLqPsX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78b4fdd59e2a9b1f-FRA
expires
Thu, 19 Jan 2023 05:39:41 GMT
F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
assets.ad4m.at/product_image/ Frame DFCD 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/F62A1DE9558535D0FF655677BD09A3CC277ACE3637CF682E0D52C0F5BBA2668E34C6194AEF65CBBC1F6ECA33D1332A3C8BE1215EA4AB0FD0FBE5F5B485AF1875
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2023626
cf-polished
qual=85, origFmt=jpeg, origSize=132437
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
23154
cf-bgj
imgq:85,h2pri
last-modified
Thu, 09 Dec 2021 17:51:23 GMT
server
cloudflare
etag
"c348b177953ac5720836c04e1a21673d"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXnZKfpsA97yTEg2ykuNmSsOX6PTUc6uCbATLQ29r%2FZiOO3HUblMv6sHHN2PSTGuSTrwQAK6aegn79irwd9QLOPHmx%2BArZImut%2B0vkuIbBg2ebNVP5Cluwe1D70XshGD%2F8sZBWmR3w7sw%2FN0"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78b4fdd5eaaa8ffa-FRA
expires
Thu, 19 Jan 2023 05:39:41 GMT
B25220131.345081615;dc_pre=CO27qPGz0PwCFauSdwodOlQJiw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/ Frame DFCD
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CO27qPGz0PwCFauSdwodOlQJiw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
0
0
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame DFCD 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
53625
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQNbZhkzJDcmWLy4okWX2Ks%2FZsG0jqdtTp6p1zPDvNuDlfaXwzjjbQtYtOBUEG3rKJDIY0SqBY4VgCr0uPVzVNBNX4GTlpKRSeqnsS6AKyG%2FjMaXvf85VV0YK7NEfS8dD4cfVGMNi2IMwaY3"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78b4fdd5eaaf8ffa-FRA
expires
Thu, 19 Jan 2023 05:39:41 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame DFCD 		222 KB
222 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2021353
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
226950
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XE%2BmUKpXtqwlZSqz6JfO5XpYxGi3rDZxcGtp8Mcjp4wrXlS5TQvWWUKCThpW9seCMm3fzp48bTH1HUQufsXgbO0si8KUV5KDBdJEBMQfy7VSP6KIC1cdD2QtTKMzYAwgiyB325PK6uVvOOWX"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78b4fdd5eab08ffa-FRA
expires
Thu, 19 Jan 2023 05:39:41 GMT
cshow.php
www.awin1.com/ Frame DFCD 		0
0
A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
assets.ad4m.at/logo/ Frame DFCD 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/A0843E9156C9D7335C02FDBAB8781B4AFFEEE9E59ABD085E1EDF62037D970710A817E95DBBFD727CE4E28B26524C9A8F4A33EB1E826BD3A7B2541F094E39D266
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1135358
cf-polished
origFmt=png, origSize=9357
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2330
cf-bgj
imgq:85,h2pri
last-modified
Thu, 08 Apr 2021 14:26:03 GMT
server
cloudflare
etag
"8cc161b392f5744da5319a4da549b763"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BkcpbSPK6yR2HgB4yjUzDjQVmk%2BfngivglcXbe0%2BhbbmSccgnQho2H3AiIMJCfkzm3x3EEz9dyF4Kn911Tr0BVrAz2XDPaCw9FMAqJDlFDfavfggLVhySbDoIJQw%2Fy2TqiZVxLCqWVfk8uo7"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78b4fdd5eab18ffa-FRA
expires
Thu, 19 Jan 2023 05:39:41 GMT
B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
assets.ad4m.at/product_image/ Frame DFCD 		339 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/B0EFBB0208E9EF8D30A7C89B72C086F1DD36F5D7A5F0A9551729DDFC67E85BCDECDB196EB4EAB3FEC6BC55A4A1442682559F8312D8959CED1C6B0F52B22CF45C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=23576%2C14019%2C117569&b=1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQ%2C3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3%2CJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eY&f=w7DHdfjf8V8cEHRH2tEC447HzSATmm3aKJ23%2CWPefrfdfPDghYH5HjtDCXjeH3SETVVmU9Q8W%2CG1rtBfpf6g8PcKHeHGtBC7qzTZSYTJJkCQV5M&c=728&d=90&e=&g=6735ce30a525b229d1d175685a37bfa6%2F15922239561918514587&i=20774%2C21596%2C29981&j=14%2C16%2C16&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1674020380946&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g44waf0mgenr3tvk3pgz51d6tryq360v6hd31w3hexqtpz0w33t3t3fsk28494vnyadykvsaz72e1a8ks4mxet5pkm1nmnx77f527d5zznpbq48g2nzgm3f6kd10yn0jjw1me0fs9jm893kbmsd35c8axzfd5bh02k1ktnpq1rakfktn72taq16krnvwwpbnhbhfrnqxdzn9bh2b22j7pkp7s4jz5jw0e7g8py743q3tqmk9g269z033ygr7qgrzf2fdd93f83sny7tkehgqn0s%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCtqMNGobHY5f4AfWy9u8PhNCm6AmQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi05Mzg3NjM3MTcwMjMxMTgxyAEJqQKgrFhCcR2yPuACAKgDAaoEmwJP0P9GOtZK7fHAWboLM6tdCMf5z4nBlNZd2FRlfaLc6KP40JtE9GFHZV6dtQ-wffJzyNEH0CIMQCjf7_OgbcD683SFYrhLk_kBfp_TfENMEfDhFdvScnkHTrgMxwXvnj_z96TGvw3XCuDikx7ARYW7DG_-ZlSIO0JI5dIMaA0cnK33QyokzUtb41d6uun0KMJwS99B2UV6gsEMS6FDOokvFdIJ-o4cunU8DVmk2zw3sOz4Ctb9CX0raN3_l-yTSh3y9EGFZpc5iebg095FtJwimxn40Bqo2p7hqy419BNXX8cqnVN31djmI8lZv9pBmlspsm2ndVLI-8XLkaFu_LUMKWvaK3oRAS5sBf7pJjcP7_4vr43r9lVypzv44AQBgAa56rLB19OOur4BoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_23Pcm1DvU3Kps2EM8DGneUQaFdAQ%2526client%253Dca-pub-9387637170231181%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 05:39:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1646038
cf-polished
origFmt=png, origSize=563367
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
347098
cf-bgj
imgq:85,h2pri
last-modified
Fri, 09 Apr 2021 07:22:09 GMT
server
cloudflare
etag
"ff5ac113643d20bec15acfffe32cb75e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BnQUbzg27vaJ%2Fc3UKlxsU3c84nW7va6XlnDHFpnPPpTy0S6w1yWVQhjRJOjFK8JAk9c7LK79Qk04PfkTaRaGkItWqWt8YVLImsZRQvbj4ZQgRYsoyWoU3vEyBN7VSa75HFbzdDIeGuk85Ko"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
78b4fdd5eab38ffa-FRA
expires
Thu, 19 Jan 2023 05:39:41 GMT
cshow.php
www.awin1.com/ Frame DFCD 		0
0
config
c.amazon-adsystem.com/cdn/prod/ 		385 B
742 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Finews.hket.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
17c1a65dfc520d641ac19f90acbbb439bd737a4e0bfbbffad3733203abe9280e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://inews.hket.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Wed, 18 Jan 2023 03:43:10 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
6990
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://inews.hket.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
385
x-amz-cf-id
_DcNBM83C4kDv-TSyg1ZIUE3f_wTEq9HSKlUFDnYsADDmxmGYIokAw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		0
0
logo.png
s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/images/ Frame 5BA2 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/images/logo.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 10:05:57 GMT
x-content-type-options
nosniff
age
243224
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1836
x-xss-protection
0
last-modified
Wed, 09 Nov 2022 04:13:52 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 15 Jan 2024 10:05:57 GMT
5f69ee2786f50a6e302c104c.json
serv-selectmedia.com/cdn/mcm/ Frame 65DA 		0
0
aliexpress300x250.jpg
play.selectmedia.asia/58fcbed1073ef420086c9d08/5aeadebd28a0617c737bddc6/ Frame 65DA 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE58 		0
0
id5-api.js
cdn.id5-sync.com/api/1.0/ 		0
0
wrapper.html
wrappers.geoedge.be/ 		0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 02C9 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
plus.hket.com
URL
https://plus.hket.com/anonymous_identity/SaveControl
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=353276808;a.a=544407136;cache=3302127397;
Domain
ad.atdmt.com
URL
https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921673;a.a=544401832;cache=3686821635;
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/brand.css
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/brand.css
Domain
go1.aniview.com
URL
https://go1.aniview.com/api/adserver/tag/?AV_TAGID=60e7ec078903a3059a28136d&AV_PUBLISHERID=5f69ee2786f50a6e302c104c&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Finews.hket.com%2Farticle%2F3438925%3Fr%3Dcpsdlc&AV_CHANNELID=637a30c6a5b7384b2a30c874&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=inews.hket.com&AV_DADPOS=3&AV_TAG=60e7ec078903a3059a28136d&AV_TEMPLATE=637a3a93fda2bc1cf6683a53&d36=6.2.74&responsive=1&sver=4&avtoken=380863&omv=1.0.1&clsid=67711c1c-1359-43da-9c43-3056b5299462&rando=17&AV_WIDTH=640&AV_HEIGHT=360&AV_DNT=0&cb=1674020380865&wfc=1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvKzAM0E_NQ1tAE2zc6_-IjCN89V9ZBTmUf8_HDDNUUb6gCE_ERdVyXV17Fcnt9kKSaLdSs-rEUJ_KpfzFpZWNUq4JQfCDVJIwIo9ZqCxBiwUF92WtX&sig=Cg0ArKJSzLjz7juhh1w_EAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230111&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=754225060&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1674020378819&rpt=1703&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&spb=0
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2InAv2yWo6hqLa1RILFuelqnbe-r4XuU1V2PekiqX6NNsxx6HgAtAZSx9m1mSObQ7GVE9i_9OVjBx3vAk2NEWC0ELi0-KhnqE7DRxqbVIvnfm1kQW&sig=Cg0ArKJSzKuahJ6flS3WEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20230111&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=2430662450&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1674020380001&rpt=518&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&spb=0
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CJu7qPGz0PwCFViVdwods5oEOg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidPx5HBfbfM5Qa9HjHbtMtR5KaJS9TDbgf6RW9oneid__suite_Netmix_Reach118_EXTRAPUSH&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
ad.doubleclick.net
URL
https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CO27qPGz0PwCFauSdwodOlQJiw;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D120211V1226132702M%26subid%3Dviewoneid1QYtbfKfXzXs9HdH9tAt22rh2SKTGG8Sx7XQoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneid3qjcpf4f9pqf7HrHAtEt9REtPSWTKKMsg2Y3oneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
www.awin1.com
URL
https://www.awin1.com/cshow.php?s=2767075&v=20044&q=402224&r=412871&pv=1&pref3=oneidJMQTzf5f6Qp9cBH6H7tptMXKcxSgT44JcP3eYoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
Domain
c.amazon-adsystem.com
URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Domain
serv-selectmedia.com
URL
https://serv-selectmedia.com/cdn/mcm/5f69ee2786f50a6e302c104c.json
Domain
play.selectmedia.asia
URL
https://play.selectmedia.asia/58fcbed1073ef420086c9d08/5aeadebd28a0617c737bddc6/aliexpress300x250.jpg
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkUdFGobHY4v0AfWy9u8PhNCm6AkAAAAAOAHgBAI&bg=!GRqlGl7NAAYDMoyoIzI7ACkAdvg8WsiKB7O1pm9ZrhkWfLpnN41z3YB6lLFzvXEX1Hwc4AaW3-Rl-QIAAAIIUgAAAAJoAQcKAD_3GT39DMhGCPMnRfz1KZkfFV3dTkt8srA0pn4xvlsRGKgY5B7Egs8fOkPxchGiMgswBCA_MMcnY9wpvoEkdnKZAxd4in_Kge8Em-02U2ZEsJnd0kv2su51PFWj-Gk29aHqMMp8hzCXLyUyI1McTowAa6wAVEtDS4KWdV4JsgvR2_jGPF4JDjr3Rb6NOv69rzzHgQOUIt2Q1L-2lFqvQvB07jQA2VSV4IVIzC4AHW-c7WcK46EM_k_lSLaJe1_3TsRaOIqLSxMA_pvUUMgHLrxC126ZBYAPZswrQK1PvVy71H9ieJuGpgCTDqNZEk1en6n0clcgl8_Jz2XRtcbfrgI_imGosVGtwz09Hi0eIAWifOediGDj5bxtFEhB6sLfYVMe1w9jQ2ZEdNp0cdQLxjbq_UNyQDbyya717IGyo9m9mCjD7EQ0ldNfaQzddugIF7Qk6Fi4LYSSMblIqCZ2tzN_2A64z0RhvCfZ2XFYj0a_H-xNPpKtSlhSpHHT1WFkld5aM-kNWHOUPMHyeI8FHSUoqWd_7R4zK-yIdV1SJaZ2BfCI3KxIoz2VmK-vbL6R7fSoB7ak4sIJY6VEkrLyA-Iarzlam9fPG-bSbj983x1NQoPFJn8sDTyrr6AabzDrWfZ_-6GOYcdVHJ6b-xpvFhMZeA7UXZ3jGIu9XpO9dGLjXfHDep34XwXgyhd2d_OPOsaMxhdnb7E5H6fn_wsbOsQOAbB2b0hrU66yw-ngm0kRkcwF1Quy40glEWXcU60QYQyZqGUA0nG_yHYW-OM06bNxS_G9MlJjzNrQU3adZyQse8D6uQCer5Gmb5nOxk0kBncOvriTXrVzpV3C6WCXhlW4PpEbF8NX3VHCdYAjyYIXwBrk166v14abAB9D-bo8tsstwVHjrkOstbNf9z7kzx7SLCXFqtcqmLyOQm2ixIK4DjKUNg_8O5WFAxLNGU-QUn29W8soa2B5q8ho0ul95mymzILtm9YQDedX_DteR8QtBu_j5xs5VS9gsv8okr2sUb8qpbnZaIplXhOmRc3biH1ItJ_ZZwdVGsJ8BKc_cqi3gXSKXYW7IC2sSnHeo2Y9xSVg3er9rzJZx9E6I034LG-UjB-41pYMDtOXb6ezg9wTmtHbIAFgcW2-hw
Domain
cdn.id5-sync.com
URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Domain
wrappers.geoedge.be
URL
https://wrappers.geoedge.be/wrapper.html
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011001&jk=3527826757056788&rc=

Verdicts & Comments Add Verdict or Comment

253 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontentvisibilityautostatechange boolean| subscribed boolean| isMobileOrTablet boolean| isIos string| adUnitsMapKey string| adPageCode string| sectionCode string| articleId string| headline object| contentTagId object| adHocTag object| stock_id object| keywords string| channelName string| channelId boolean| hasPopupPanel string| referer object| extraTarget object| article_basic_info string| articleContendAd function| _googCsa function| initGtm number| googleNDT_ number| googleAltLoader object| google function| initFaceBook object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent function| QR8bitByte function| QRCode object| QRMode object| QRErrorCorrectLevel object| QRMaskPattern object| QRUtil object| QRMath function| QRPolynomial function| QRRSBlock function| QRBitBuffer object| dialogConfig object| dialogUnitsMap object| adUnitsSizeMap object| googletag function| initHotChart function| initMmenu function| initHamburgerMenu function| facebookShare function| setCookie function| getCookie function| popupToast function| copyUrl function| commonCallbackMap object| adUnitsMap object| pageConfig undefined| timeoutResize undefined| windowWidthResize function| initGoogleTag function| buildAdTarget function| reduceLine function| showSharePopup function| closeSharePopup function| openSearchBar function| closeSearchBar function| initflickity function| initRealtimeQuotes function| initSimpleSearchForm function| initGoToTopButton function| initIEMessage function| controlBanner function| initMobileSlider function| popupCenter function| initThirdParty function| initSmartBanner function| isElementInViewport function| initReadyVideoCheck function| htmlEncode function| initEmailSubscriptionBox function| initAppRedirectPanel function| initAppOnlyPanel function| genQrCodes function| placeArticleExtendButton function| initAppDownloadBannerHeader function| $ undefined| jQuery function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded object| lazySizesConfig object| lazySizes object| toastr object| popup function| Delay object| ViewportHandler function| tabBar object| MouseToTouch object| floatVideo object| HeaderHandler object| SearchSuggestionHandler object| jQuery112408902444915440277 object| sectionWidgetSticky function| OpenMmenu function| CloseMmenu function| PopupHamburgerMenu function| OpenHotChart object| $ipyhkDropdownContainer object| ggeac object| google_tag_data undefined| google_measure_js_timing function| getRequestParam function| highlightKeyword function| printArticle function| updateFreeQuotaVariable function| duplicateMobileContent function| initPullDownMenu function| genAppOnlyQrCode function| PhotoSwipe function| PhotoSwipeUI_Default object| YouTubeIframeLoader function| Hls object| vttjs function| WebVTT function| videojs function| videojsIma function| videojsContribAds object| FontSizeAdjust object| AwsVideo object| playerHketConfig function| _getHketConfig function| _getEnvironment function| _buildImagePath function| _buildManualListImagePath function| _buildSourcePath function| _buildAds function| _bufferDebug function| _initInlog object| YoutubeVideo object| PhotoSwipeHket object| DomText object| Knowledge object| ProgressBar object| MobileShareBtn object| AutoplayScroll object| popUpBox function| genArticleUrl object| InfinityScroll object| $currentArticle object| $currentPvArticle object| $this object| googleTagTarget object| closure_lm_822942 function| processGoogleToken object| googleToken object| googleIMState object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| closure_lm_998768 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| previousOffset object| dataLayer number| google_unique_id object| gaGlobal object| FB object| __buffer object| google_tag_manager function| hj object| _hjSettings function| fbq function| _fbq function| pushJQueryReadyEvent string| GoogleAnalyticsObject function| ga object| date string| expires object| photoswipeGTMEvent function| cookieAgree object| GoogleGcLKhOms string| url string| path object| gaplugins object| gaData object| google_image_requests object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| _paq string| isVideoLoggingChannel string| currentVideoTitle object| cookieHelper function| videoInit object| miniApp undefined| videoId number| customDimensionId string| customDimensionValue object| sm_tag_tag_fe55081e-be50-473d-8f11-22935e7a7a9a

31 Cookies

Domain/Path Name / Value
inews.hket.com/ Name: BIGipServerpool_http_hketinews_prod
Value: 1107404992.59425.0000
.hket.com/ Name: hket-currentFontSize
Value: 3
.youtube.com/ Name: YSC
Value: KDG60U1WsMY
.youtube.com/ Name: DEVICE_INFO
Value: ChxOekU0T1RnMk1qYzJORGt6TmpBek9UQXlOUT09EJeMnp4GGJeMnp4G
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: gcr2CotViOk
.doubleclick.net/ Name: IDE
Value: AHWqTUlUW3WEGDcVWhkWjczKYByjZmzLqXM6acRhXqvuZgY-z-P6HIBuTYerkaaqwTM
.hket.com/ Name: __gads
Value: ID=3e60d30139bf569d:T=1674020377:S=ALNI_Mbp2zYSQ5IdlTAKieBSTQb7F8Of7A
.hket.com/ Name: __gpi
Value: UID=00000ba4a3d57d02:T=1674020377:RT=1674020377:S=ALNI_Ma7GyIoHEMBuOx2sQizeZxrOzLgNg
.hket.com/ Name: hket-plus-anonymous
Value: 69b4f3af-ebdd-4b3a-2037749
.hket.com/ Name: _ga_FW085S0G3K
Value: GS1.1.1674020377.1.0.1674020377.0.0.0
.hket.com/ Name: _ga
Value: GA1.2.383476091.1674020377
.hket.com/ Name: _gid
Value: GA1.2.2146965406.1674020378
.hket.com/ Name: _gat_UA-5159780-1
Value: 1
.hket.com/ Name: _gat_UA-5159780-34
Value: 1
.hket.com/ Name: _fbp
Value: fb.1.1674020377683.1218425194
.hket.com/ Name: _hjSessionUser_834550
Value: eyJpZCI6IjU0OTE2Yjc2LTFiMWYtNTZjMS1hM2IxLWNhZmM0NjQzNjE1MyIsImNyZWF0ZWQiOjE2NzQwMjAzNzg1MjcsImV4aXN0aW5nIjpmYWxzZX0=
.hket.com/ Name: _hjFirstSeen
Value: 1
inews.hket.com/ Name: _hjIncludedInSessionSample
Value: 0
.hket.com/ Name: _hjSession_834550
Value: eyJpZCI6ImY2MWI2NDc4LTYxYWItNDQ2MS04ZmM3LTY0NTBiYjg2ZjQwMiIsImNyZWF0ZWQiOjE2NzQwMjAzNzg1NTIsImluU2FtcGxlIjpmYWxzZX0=
.hket.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
viselb01.hket.com/ Name: _AISID_
Value: null6D6B3DE4CF26A13A7305622B21E4675C
.hket.com/ Name: _AISID_
Value: null6D6B3DE4CF26A13A7305622B21E4675C
.lijit.com/ Name: ljt_reader
Value: GAVzvGZHiAds3QEsQse5Kv6H
.quantserve.com/ Name: d
Value: EDoBCQGKKIEA
.quantserve.com/ Name: mc
Value: 63c7861b-aebcc-0d906-adb8c
.simpli.fi/ Name: suid
Value: D0C0910075CA4319842E86169EAD484E
.de17a.com/ Name: guid
Value: 1.4054999620621288745
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%22D27677B4-D027-437C-AE16-C508BA4D1C05%22%7D
.360yield.com/ Name: tuuid
Value: bcb74f26-c48e-4720-8b16-2a8c811b0824
.360yield.com/ Name: tuuid_lu
Value: 1674020379
.yahoo.com/ Name: A3
Value: d=AQABBBuGx2MCEFkveq9l_TLhrAkX_QCx580FEgEBAQHXyGPRYwAAAAAA_eMAAA&S=AQAAAgl6X-E6tSQ9Trt4lfUMvrg

10 Console Messages

Source Level URL
Text
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 474)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
javascript error URL: https://inews.hket.com/article/3438925?r=cpsdlc
Message:
Access to XMLHttpRequest at 'https://plus.hket.com/anonymous_identity/SaveControl' from origin 'https://inews.hket.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://plus.hket.com/anonymous_identity/SaveControl
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=353276808;a.a=544407136;cache=3302127397;
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921673;a.a=544401832;cache=3686821635;
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/index.html
Message:
Refused to apply style from 'https://s0.2mdn.net/sadbundle/11808949574055724151/Marriott-Global_Marriott-APD-2022_Display-Tool_728x90_V4Z3FY/brand.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
security error URL: https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/index.html
Message:
Refused to apply style from 'https://s0.2mdn.net/sadbundle/859195233417467994/Marriott-Global_Marriott-APD-2022_Display-Tool_300x600_MMBohG/brand.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAavPq0MT9SH6V74NlzDXoIC6itwfdT39pdAROz9dhOkx3a147wfOVZXoqe6h8GFv5JHMvRWHwgzIafeedKPu52jlcz98BjcjPdcx&google_gid=CAESEIYUH75xIIpZ3jjA9rcuCWU&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://s0.2mdn.net/json/hotel_names.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/json/hotel_names.json
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

08f0d4613ee4ec8bf4224bb645866258.safeframe.googlesyndication.com
851367f547691d98e6d8be48752e6c5a.safeframe.googlesyndication.com
a.tribalfusion.com
ad.atdmt.com
ad.doubleclick.net
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
ap.lijit.com
as.ad4m.at
assets.ad4m.at
c.amazon-adsystem.com
cdn.doubleverify.com
cdn.id5-sync.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
d5p.de17a.com
dclk-match.dotomi.com
dw.hketgroup.com
e.dlx.addthis.com
e1056743d6f65dd29dd2bd1d16e6e1d2.safeframe.googlesyndication.com
go1.aniview.com
googleads4.g.doubleclick.net
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
inews.hket.com
inlog01.hket.com
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.rubiconproject.com
play.selectmedia.asia
player.aniview.com
plus.hket.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
region1.google-analytics.com
rtb.openx.net
rtbpass-us.andbeyond.media
s.tribalfusion.com
s0.2mdn.net
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
serv-selectmedia.com
sm1.selectmedia.asia
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.hotjar.com
static.xx.fbcdn.net
static01-proxy.hket.com
static04.hket.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.teads.tv
tg1.selectmedia.asia
tpc.googlesyndication.com
tps.doubleverify.com
track-selectmedia.com
track1.aniview.com
um.simpli.fi
ups.analytics.yahoo.com
vars.hotjar.com
viselb01.hket.com
wrappers.geoedge.be
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
ad.atdmt.com
ad.doubleclick.net
c.amazon-adsystem.com
cdn.id5-sync.com
go1.aniview.com
pagead2.googlesyndication.com
play.selectmedia.asia
plus.hket.com
s0.2mdn.net
serv-selectmedia.com
wrappers.geoedge.be
www.awin1.com
104.111.217.14
104.18.33.19
118.143.30.165
118.143.30.223
13.32.28.197
142.250.181.226
142.250.185.226
143.204.215.65
143.204.215.7
143.204.23.90
151.101.2.49
16.163.89.66
18.156.0.31
185.64.190.78
2001:4860:4802:32::36
213.155.156.180
213.254.244.25
216.52.2.39
23.203.125.36
2600:1901:0:76b9::
2600:9000:206f:200:19:debb:5bc0:93a1
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700:20::ac43:4a81
2606:4700::6812:18ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2006
2a00:1450:4001:801::2004
2a00:1450:4001:801::200a
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c0b::9b
2a00:1450:400d:80e::200e
2a02:26f0:11a::217:9a8a
2a02:26f0:f700:4::212:4f0d
2a02:26f0:f700:4::212:4f0e
2a02:fa8:8806:16::1400
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a05:d018:d29:3605:dde3:6cb:7910:6ee0
3.83.62.214
34.107.214.50
34.117.33.6
34.91.62.186
35.190.0.66
35.227.252.103
35.244.174.68
51.89.9.254
52.212.129.166
52.222.214.13
52.223.40.198
65.9.66.92
69.16.175.10
69.173.144.138
98.98.134.243
99.86.240.114
047a6e554be18f88c8362e0aa1524b9adcd6c24a1e1c8a0d665c343c8f66b5fa
05dd0e0b8b94d061f9fba3d42c6fc2078e5dbb5d0e70e6aae2bf0d2c2b8280ab
06aa0595d899b7218859aeea75cc08f72856ef5e57947b7c267f73a85ced0c15
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
085bf9ca7dac86b02f69100debdf190e2a26033a81436267724f1d3de91b2a1c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10f02eb25f535059852c491b933586a756a14bc084810b00cac2be5f750cfc00
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b80fdc79fc51393b9f956c71cb2a6187bff74aad1ba070982c5ef05058561f
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
153ad13938fbd67629df67b2c2836633ee74b91a4afa26547d17a8f66922a107
15bd42f008acb27168641cab6c1ef33f51944899c1256345d04f3c543ee73682
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
168365d0bb98b9bddebae0e9ba4cfb3bbfb42d387cc452a4899ff01a47b0e868
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
17c1a65dfc520d641ac19f90acbbb439bd737a4e0bfbbffad3733203abe9280e
1a6043c48761c2330b12351dee5f354ff1832c1b26fb4b0eb1bca43a902ecbe9
1e7cc7a8f5a3f6076a6d6722fbdddc34746f420e1c73117ee8904d09c14dc825
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
23aba93a57ec8a4e277062af494f64d3a5bb85321a1fa060af94377c03ef7c71
251e23220f8b0c7dd2a363422610e911ca4a8ebb0ec036d32d821dbb5dbc0da9
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
28917fe73c4bb5e6c16897c992ce0c8ead44fe23ff5230af9f2eef2cbbfd88e3
2acd82ee52e265eae032ffcb67857ac6cab1cc111b5190f104c6271c9a6826b6
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31f156db29bc341d3ac71ffb27acc694482e3246d062b6ee74782b2a0514c519
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35f59a0671297463bedd4e40d1348403847c8b22bf90589084e2f21d6ed47ddc
38b38a8ae55647809ed664e492da29d628e1e93c3d869cfd50b1430796c5c5ac
394fda0fedfe1b6a5c689ab09546a0977d792554bf75a084e24e3b5b18fb5eca
39ae6b1a1ba72fc9d48b1848e9bc88f4b9da10688232ccca39d85b878db7af32
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3e525277f007e12a1b10ef1e7da9577f4a6b14a562b80891149486de64febb6c
3ed8e615dc00c73098b49dd59279c21dc80d3b849b3a03efe45bcb0d4d8fe23c
44ce63bfabae9c230c65b20616e6884c681e5c526eb9d60bac1acdc43f3e8160
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ba64e62c70a82fa989df35b3d2419e6017a40248d3680b86ddc352b154cae5
488dad46f21756e1e4b6f48b39e4aacffe5f15fc2be403311fa856e999930b77
4971e9fc754d2504d1ea41e28651652135710c47d6a5a9388699c56ac15e0691
4ab995345cf38f3951bc840ab2c0d043269e700e59f1c6d6cb7fb8946268b358
4c5ae6869b92973a0712aaed5a086d6928aed327fca5981ae839507ea05df674
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
509018bc2582b008cd57929864258266d08d82352ddcefe0d67b48d13d1aa1fc
5546ef4fe55e4ac52b2529ab6fd4d567b3297ed9153f03e15e9895b9daef56f1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5684247e2e75ce3caade635dbe5910388671f7825215e86c6220ee763760ac49
5852f2c7092bd92c4b0cae00fca6d8f08e2e13b33fd60f742e9751c77e4c1752
593acdfeb9ef6a7c6f80c1918c52734d3b62e7c2319d54bb0f4ae8199f8fbea4
594cc5532c6f20e29ef1ac3e1ff3da02324d3baa8ed286c254b3792c05f4847c
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
600e39b64933dc44a03fab891f3979d6058caa1de3b00bc4fdc121aa9e2737e4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
64597fd148b2edfa22406f019255340d5b0b27390ee60a06523d4381ea143502
64e6cabf96617a453bcc3a1cc85522e76aface53316ca208d0fdd54fd3240581
6705b8781ba706f654fe7632dfef69c200c124efe2427ca6145abacce52193c8
682b54b5c9a38b017d9063f27038dbcabea5b3e2cd1e52c852514757d7e335f2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e44f7406ddff0ef14e5855d7d864a57e341a2716a264a59a195e17ab3f506a1
6e8556e923475a6bb83130c18d46ea34e686bfbd0a384804030b8abe0fd2a1eb
6f054007841af3fdd6b522b432dbff5a656e2823d4290b37a25edcd570cbeb1d
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543
7560d43acee2597d64340cb009a174d404e1b500cd50c78b8494f4703748c582
76c6d47763b287f92fc311096fde139b91400e1f5214fca2b4b6ed77094368a0
79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8342ee2a9f9695a268adafd8c87219e4b74b60e31d232533c88f993d27faa5ae
839f3e8fe56ca86d68e5a380a5d7609ec160e17d7e6796d2c98d0066931b163e
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf
8942ef222b34092b3c7dd7fd27010d431cdb1fc74c6db71bafb44c664fed4692
8ca03fa3c72e338653e246e887f62ae3f989595684fad728f1c84647f10255fc
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f33b0376b952ae01acc10dc1d4bcebbe09d0b238e99f7e6d54aa8b04e441e90
8f5fbe5d6977e2d9badb51c299286eaf31cafa9dc63730be785ef0b6b790cd74
8fdebdb653ac2917fd6373766a74ed807b1df2b03fc20e7c9240932318bcd88f
91946212df335b6ff69f60002e3681e7ff5f95e2b2c2c6397a55128daaffbbae
96c0e8060c6da011e7ea61c4d27ec79695a890b053ef52889dc2967003efefea
9815c8482429960d87a5462c9a314f5b90f2e61a863bf0c0acacdad98ba29419
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
9ca01b2bf4b39731266cb0b009375ced6630ecc36b7623802f47036fe172499d
9d12bd846df1d9a7ee82214a4c6886e01ab5a98d49cd45e7631b2b6c04300b65
9fb5446b1834bd10e06ebccd98e42d110fcc701c088564da1afab2febacd3754
a006ec02817e554d0edcd85d7d4664b37959c24ac71072bb5b29277ce3797ffb
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650
a252f82913b2a56fd3c3895ae50a646f93c7aae48b8fe90316cb4e5b1e12e6bb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4eab65bcba6718b0cefc357596bd0b1436e9f3655929d13f1caa5580bbd2052
a6449d02e0aa44eb841020ebf9c1511913db90bfd6a5099c8422c55089f432a4
a7a41f2b53566d14932b1e38f9d3a5aa2030402730e8a67968b74110fadf2e37
a8d502e3699dfe24ccbc688aebc53f2971090ee299fc78dacc043cb167d22902
a92688eb1a244a52a91bee325394d97216716299f7a60ac8d9be2e40ddc5854b
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af7a66542220ecfb2b8fa0286b60ffa95c1c8047df094654a90e1ff75f848ef5
b175924be49b60de2bd4d746960aac08d31823a4a2b983874ae50df496701731
b17be775bd4f9ab557ee65d7d9871607bde1fb2f57bef0934e5b2c68ea705f1a
b3a7ec7dd95f82b5a09b67f1a438e5e5f5c6b048bbb9a707da06792d1488fc82
b401ed697c8d5b9e2e6b8dd3791b93c28fd88c85904ff567418193755ae989f4
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5a7c319902844a075d808b576761551eeb01120b6e2495505b757bf25133c2b
ba08a3d19225206e1f616f14c7d6e4f214002374c7086834026cb977a09748fc
bc54bb80c94127617cc0f018af91f09c6e2906affafb3a09191cdf2d574a0397
be5a37614c475bd6f4a155365709a9d8ea9b80e361793686d79f5e177b754a35
be6cfa7666c6ba6b7600d3fc9530900c6bdd9c7407dfd56143a9fdec67dff356
bed71600978f9e4ab1348d53a31cafab200245dd08441eb2a553ad8b4d5992c5
bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba
c5b6598bb3fd9be4f047ef800229bc4be9a8427eae76e3008d66a3a41d947c6b
c77afa2076f3fa1141361c67ba162e03ce4001e3e32d48c45a2e3e6b7e22728b
c88797fe877f620ae2963c981693d3f3f5ce6aed03f79bc13f05f3f21b0249f7
c940b5d6fc4e7d2f6b146c721f7d41698aad374e429f75f24af28a1ad04c5f00
c98cf17b8ba96caea0ac708c699d34a4d0de7d9ae8f434d69b04eb4e754eebd0
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
cbffce6f8642619af7ed7335e32750f7f2933765d32c113115da0710aa7deadc
cd613120d73632e2cd2695221af7e32ff44f3a395435578eb444f2d5a453bcf8
cdf10f2d2c2627b33f59c5110c744cc586c01cc00616a689c81b818255de09b5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e1095db72bc8fceef234016ad7dd4afd2f479579f2fbbcc00925f2c1099a86
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6fd1b5f03b568e242e07a3300aef8116c4526570116de1cd4559101f6f666eb
d9b4ed6bb59d1c0c75a130ca947ef90a06e253c7e8b841810b68c24d24fe6b3f
daf8261e9896ce069e367b1a64b35b853faf682a4b60e52bb0a8481d33741005
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e31ff0f1ed5deac538c532c50e7c2522edf24a7d2d418351cc4ff8e050b9cc98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8547d8c362cb1ff8e66f2aa33fe6797fafdda2fece2a8f63db602dd0525af9e
eb3377bdad82644bb7121f668d56bf53c81e31c7b495e65d0e594495fe7df3ad
ec4da734410948861d16c114b2b6cf5ad702c04ef2c0f5c51edf3cfc6d1461db
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f222874d6d14a9cbf8adc5b1cd25424f0e41ef61e7dbfd2e060aa42c1486fd39
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
fc68c3423fc3956bb2d36bf1e17d50a45c7f339d8a71f2d543c791cdf5baafdc
fcb2a2d76154a28aee5a1e84fce890f1e5bd8ef41d5a7c8368f1db418409cc83
fd2470950d6eeb8e50c84405c3cc2597dadebabe7c2019ec572fc651beb42aa3
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2