service.hket.com Open in urlscan Pro
118.143.30.228 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://service.hket.com/
Submission: On September 10 via manual (September 10th 2021, 4:27:50 am UTC) from HK — Scanned from DE

Summary HTTP 80 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 15 domains to perform 80 HTTP transactions. The main IP is 118.143.30.228, located in Central, Hong Kong and belongs to HUTCHISON-AS-AP HGC Global Communications Limited, HK. The main domain is service.hket.com.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 29th 2021. Valid for: a year.

This is the only time service.hket.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	118.143.30.228 118.143.30.228	9304 (HUTCHISON...) (HUTCHISON-AS-AP HGC Global Communications Limited)
11	2600:9000:218... 2600:9000:218e:5c00:19:debb:5bc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4007:80d::200a	15169 (GOOGLE) (GOOGLE)
6	142.250.74.226 142.250.74.226	15169 (GOOGLE) (GOOGLE)
2	118.143.30.165 118.143.30.165	9304 (HUTCHISON...) (HUTCHISON-AS-AP HGC Global Communications Limited)
2	2a00:1450:400... 2a00:1450:4007:817::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:81a::2001	15169 (GOOGLE) (GOOGLE)
1	13.225.25.50 13.225.25.50	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f03... 2a03:2880:f030:13:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
16	2a00:1450:400... 2a00:1450:4007:815::200e	15169 (GOOGLE) (GOOGLE)
2 4	52.222.158.53 52.222.158.53	16509 (AMAZON-02) (AMAZON-02)
2	18.138.210.132 18.138.210.132	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4007:818::2002	15169 (GOOGLE) (GOOGLE)
1	52.222.158.124 52.222.158.124	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4007:805::2001	15169 (GOOGLE) (GOOGLE)
1	52.222.149.70 52.222.149.70	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	52.222.149.30 52.222.149.30	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4007:80e::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4007:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:805::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4007:808::2003	15169 (GOOGLE) (GOOGLE)
80	26

1 118.143.30.228 (Central, Hong Kong)

ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)

service.hket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:218e:5c00:19:debb:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static01-proxy.hket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80d::200a (Ireland)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.74.226 (United States)

ASN15169 (GOOGLE, US)
PTR: par10s40-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 118.143.30.165 (Central, Hong Kong)

ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK)

inlog01.hket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:817::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:813::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:81a::2001 (Ireland)

ASN15169 (GOOGLE, US)

868a857eb87f881f49544a92926ec00d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.25.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-25-50.cdg3.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f030:13:face:b00c:0:3 (France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4007:815::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.158.53 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-53.cdg52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.138.210.132 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-138-210-132.ap-southeast-1.compute.amazonaws.com

viselb01.hket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4007:818::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.158.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-158-124.cdg52.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4007:805::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-70.cdg52.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11f:83:face:b00c:0:25de (Pantin, France)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.149.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-149-30.cdg52.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80e::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4007:811::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:805::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4007:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google-analytics.com www.google-analytics.com	21 KB
16	hket.com service.hket.com static01-proxy.hket.com inlog01.hket.com viselb01.hket.com plus.hket.com Failed	265 KB
11	googlesyndication.com 868a857eb87f881f49544a92926ec00d.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	56 KB
7	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	177 KB
5	ampproject.org cdn.ampproject.org	102 KB
4	facebook.com www.facebook.com	662 B
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com	1 KB
3	facebook.net connect.facebook.net	201 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	62 KB
3	google.com adservice.google.com www.google.com	2 KB
2	gstatic.com fonts.gstatic.com	43 KB
2	google.de adservice.google.de	1018 B
2	googletagmanager.com www.googletagmanager.com	151 KB
2	googleapis.com imasdk.googleapis.com fonts.googleapis.com	121 KB
1	hotjar.io vc.hotjar.io	257 B
80	15

	Domain	Requested by
16	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
11	static01-proxy.hket.com	service.hket.com
6	securepubads.g.doubleclick.net	static01-proxy.hket.com securepubads.g.doubleclick.net service.hket.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com service.hket.com
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	www.facebook.com
4	sb.scorecardresearch.com	2 redirects
3	connect.facebook.net	service.hket.com connect.facebook.net
2	fonts.gstatic.com	fonts.googleapis.com
2	viselb01.hket.com	static01-proxy.hket.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	www.googletagmanager.com	service.hket.com www.googletagmanager.com
2	inlog01.hket.com	static01-proxy.hket.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	vc.hotjar.io	script.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	www.googletagmanager.com
1	868a857eb87f881f49544a92926ec00d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	imasdk.googleapis.com	service.hket.com
1	service.hket.com
0	plus.hket.com Failed	static01-proxy.hket.com
80	26

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
adssettings.google.com

Subject Issuer	Validity	Valid
*.hket.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-29` - `2022-07-07`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.hotjar.io Amazon	`2021-08-17` - `2022-09-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://service.hket.com/
Frame ID: FD1BA35F156754637B360D75DF3AF666
Requests: 74 HTTP requests in this frame

Frame: https://868a857eb87f881f49544a92926ec00d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 486DC371CF53A7C83DDBA1D9675163B4
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: 0E11D42E40223E32F7F1A4560A3B50C6
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: C67E589FD80F158857868D7D90585453
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2A5C7EA6DC269F9158105A50FC44D6E3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

80
Requests

99 %
HTTPS

64 %
IPv6

15
Domains

26
Subdomains

26
IPs

6
Countries

1204 kB
Transfer

3809 kB
Size

18
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CX7QYxN46YdrcDYfeb-jVmhiJi5L0ZInokMuxDZSaq_jaIhABIMLz4CtglfrwgYwHoAHMyveLA8gBCakCB83bTkvWsz7gAgCoAwHIAwqqBMcBT9BC4ft32DeCxER4RN_BgGMIiVTjnF7DP4VDjBubFB_5no6VfFT0ZgUUYRi8hWhojBQvk7UFUqFNYjbTI_J2Kfg6E7oWnS1LN_gOgQTTljEASM-5uJBqUHi_9Y5vj4a7q9092_zoqm1U0be8-qcqSlf15Tp9WngeMDo861w8LHhUL8KL12Ep8Sq6loac7OQT22_YdmJUo_FAmOUFqh4cZpaNRYEG_acoqi1eRze6mQ3-rEMpef93bEE2PPZ3iyrVvEs1hOtP7sAE4ZqLxMgD4AQBoAYugAectYh0qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2xCdkXkD7KtkahgAoDmAsByAsBgAwBuAwBuBOIJ9gTDYgUAtAVAZgWAYAXAQ&ae=1&num=1&sig=AOD64_2JtjamaQCQaGCJf75--j8QjeEnwQ&client=ca-pub-9387637170231181&nb=9&adurl=https://www.mobile.de/verkaufen/a/fahrzeug/start%3Fi%3Dlisting%26mga_d89%3D_kid%3D2811746_bid%3D_cat%3DBehavioral%26gclid%3DEAIaIQobChMI2s6Wzcjz8gIVB-8bCh3oqgYDEAEYASAAEgIJBfD_BwE

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CX7QYxN46YdrcDYfeb-jVmhiJi5L0ZInokMuxDZSaq_jaIhABIMLz4CtglfrwgYwHoAHMyveLA8gBCakCB83bTkvWsz7gAgCoAwHIAwqqBMcBT9BC4ft32DeCxER4RN_BgGMIiVTjnF7DP4VDjBubFB_5no6VfFT0ZgUUYRi8hWhojBQvk7UFUqFNYjbTI_J2Kfg6E7oWnS1LN_gOgQTTljEASM-5uJBqUHi_9Y5vj4a7q9092_zoqm1U0be8-qcqSlf15Tp9WngeMDo861w8LHhUL8KL12Ep8Sq6loac7OQT22_YdmJUo_FAmOUFqh4cZpaNRYEG_acoqi1eRze6mQ3-rEMpef93bEE2PPZ3iyrVvEs1hOtP7sAE4ZqLxMgD4AQBoAYugAectYh0qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2xCdkXkD7KtkahgAoDmAsByAsBgAwBuAwBuBOIJ9gTDYgUAtAVAZgWAYAXAQ&ae=1&num=1&sig=AOD64_2JtjamaQCQaGCJf75--j8QjeEnwQ&client=ca-pub-9387637170231181&nb=0&adurl=https://www.mobile.de/verkaufen/a/fahrzeug/start%3Fi%3Dlisting%26mga_d89%3D_kid%3D2811746_bid%3D_cat%3DBehavioral%26gclid%3DEAIaIQobChMI2s6Wzcjz8gIVB-8bCh3oqgYDEAEYASAAEgIJBfD_BwE
Title: Erfolgreich Auto inserieren

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CX7QYxN46YdrcDYfeb-jVmhiJi5L0ZInokMuxDZSaq_jaIhABIMLz4CtglfrwgYwHoAHMyveLA8gBCakCB83bTkvWsz7gAgCoAwHIAwqqBMcBT9BC4ft32DeCxER4RN_BgGMIiVTjnF7DP4VDjBubFB_5no6VfFT0ZgUUYRi8hWhojBQvk7UFUqFNYjbTI_J2Kfg6E7oWnS1LN_gOgQTTljEASM-5uJBqUHi_9Y5vj4a7q9092_zoqm1U0be8-qcqSlf15Tp9WngeMDo861w8LHhUL8KL12Ep8Sq6loac7OQT22_YdmJUo_FAmOUFqh4cZpaNRYEG_acoqi1eRze6mQ3-rEMpef93bEE2PPZ3iyrVvEs1hOtP7sAE4ZqLxMgD4AQBoAYugAectYh0qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2xCdkXkD7KtkahgAoDmAsByAsBgAwBuAwBuBOIJ9gTDYgUAtAVAZgWAYAXAQ&ae=1&num=1&sig=AOD64_2JtjamaQCQaGCJf75--j8QjeEnwQ&client=ca-pub-9387637170231181&nb=7&adurl=https://www.mobile.de/verkaufen/a/fahrzeug/start%3Fi%3Dlisting%26mga_d89%3D_kid%3D2811746_bid%3D_cat%3DBehavioral%26gclid%3DEAIaIQobChMI2s6Wzcjz8gIVB-8bCh3oqgYDEAEYASAAEgIJBfD_BwE
Title: Jetzt Dein Auto per Inserat zum bestmöglichen Preisverkaufen - auf mobile.de

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CX7QYxN46YdrcDYfeb-jVmhiJi5L0ZInokMuxDZSaq_jaIhABIMLz4CtglfrwgYwHoAHMyveLA8gBCakCB83bTkvWsz7gAgCoAwHIAwqqBMcBT9BC4ft32DeCxER4RN_BgGMIiVTjnF7DP4VDjBubFB_5no6VfFT0ZgUUYRi8hWhojBQvk7UFUqFNYjbTI_J2Kfg6E7oWnS1LN_gOgQTTljEASM-5uJBqUHi_9Y5vj4a7q9092_zoqm1U0be8-qcqSlf15Tp9WngeMDo861w8LHhUL8KL12Ep8Sq6loac7OQT22_YdmJUo_FAmOUFqh4cZpaNRYEG_acoqi1eRze6mQ3-rEMpef93bEE2PPZ3iyrVvEs1hOtP7sAE4ZqLxMgD4AQBoAYugAectYh0qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2xCdkXkD7KtkahgAoDmAsByAsBgAwBuAwBuBOIJ9gTDYgUAtAVAZgWAYAXAQ&ae=1&num=1&sig=AOD64_2JtjamaQCQaGCJf75--j8QjeEnwQ&client=ca-pub-9387637170231181&nb=1&adurl=https://www.mobile.de/verkaufen/a/fahrzeug/start%3Fi%3Dlisting%26mga_d89%3D_kid%3D2811746_bid%3D_cat%3DBehavioral%26gclid%3DEAIaIQobChMI2s6Wzcjz8gIVB-8bCh3oqgYDEAEYASAAEgIJBfD_BwE
Title: Mobile.de MotorVerkauf

Search URL Search Domain Scan URL

URL: https://adclick.g.doubleclick.net/aclk?sa=l&ai=CX7QYxN46YdrcDYfeb-jVmhiJi5L0ZInokMuxDZSaq_jaIhABIMLz4CtglfrwgYwHoAHMyveLA8gBCakCB83bTkvWsz7gAgCoAwHIAwqqBMcBT9BC4ft32DeCxER4RN_BgGMIiVTjnF7DP4VDjBubFB_5no6VfFT0ZgUUYRi8hWhojBQvk7UFUqFNYjbTI_J2Kfg6E7oWnS1LN_gOgQTTljEASM-5uJBqUHi_9Y5vj4a7q9092_zoqm1U0be8-qcqSlf15Tp9WngeMDo861w8LHhUL8KL12Ep8Sq6loac7OQT22_YdmJUo_FAmOUFqh4cZpaNRYEG_acoqi1eRze6mQ3-rEMpef93bEE2PPZ3iyrVvEs1hOtP7sAE4ZqLxMgD4AQBoAYugAectYh0qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB2xCdkXkD7KtkahgAoDmAsByAsBgAwBuAwBuBOIJ9gTDYgUAtAVAZgWAYAXAQ&ae=1&num=1&sig=AOD64_2JtjamaQCQaGCJf75--j8QjeEnwQ&client=ca-pub-9387637170231181&nb=8&adurl=https://www.mobile.de/verkaufen/a/fahrzeug/start%3Fi%3Dlisting%26mga_d89%3D_kid%3D2811746_bid%3D_cat%3DBehavioral%26gclid%3DEAIaIQobChMI2s6Wzcjz8gIVB-8bCh3oqgYDEAEYASAAEgIJBfD_BwE
Title: Weitere Infos

Search URL Search Domain Scan URL

URL: https://adssettings.google.com/whythisad?reasons=AB3afGEAAATTW1tbW251bGwsWzQ3XV0sW251bGwsImh0dHBzOi8vZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0L3BhZ2VhZC9pbnRlcmFjdGlvbi8_YWk9Q1g3UVl4TjQ2WWRyY0RZZmViLWpWbWhpSmk1TDBaSW5va011eERaU2FxX2phSWhBQklNTHo0Q3RnbGZyd2dZd0hvQUhNeXZlTEE4Z0JDYWtDQjgzYlRrdldzejdnQWdDb0F3SElBd3FxQk1jQlQ5QkM0ZnQzMkRlQ3hFUjRSTl9CZ0dNSWlWVGpuRjdEUDRWRGpCdWJGQl81bm82VmZGVDBaZ1VVWVJpOGhXaG9qQlF2azdVRlVxRk5ZamJUSV9KMktmZzZFN29XblMxTE5fZ09nUVRUbGpFQVNNLTV1SkJxVUhpXzlZNXZqNGE3cTkwOTJfem9xbTFVMGJlOC1xY3FTbGYxNVRwOVduZ2VNRG84NjF3OExIaFVMOEtMMTJFcDhTcTZsb2FjN09RVDIyX1lkbUpVb19GQW1PVUZxaDRjWnBhTlJZRUdfYWNvcWkxZVJ6ZTZtUTMtckVNcGVmOTNiRUUyUFBaM2l5clZ2RXMxaE90UDdzQUU0WnFMeE1nRDRBUUJvQVl1Z0FlY3RZaDBxQWZWeVJ1b0JfRFpHNmdIOHRrYnFBZU96aHVvQjVQWUc2Z0h1Z2FvQi02V3NRS29CNmEtRzZnSDg5RWJxQWVXMkJ1b0I2cWJzUUtvQjktZnNRTFlCd0RTQ0FrSWdPR0FFQkFCR0IyeENka1hrRDdLdGthaGdBb0RtQXNCeUFzQmdBd0J1QXdCdUJPSUo5Z1REWWdVQXRBVkFaZ1dBWUFYQVFcdTAwMjZzaWdoPVM2TzJJaU9GdEZBXHUwMDI2Y2lkPUNBUVNQQUNOSXJMTXAyX01TNzJWNmlLU0hWQW8xSERDSmk0R1RHZGFseExHM3RFblZoNFVIR2N5TXNWcXA4MElRVVU4bmJKVUVibE01MzV3c1ZRbHhnIixbbnVsbCxudWxsLG51bGwsImh0dHBzOi8vZGlzcGxheWFkcy1mb3JtYXRzLmdvb2dsZXVzZXJjb250ZW50LmNvbS9hZHMvcHJldmlldy9jb250ZW50LmpzP2NsaWVudD13dGFcdTAwMjZvYmZ1c2NhdGVkQ3VzdG9tZXJJZD01NjUzODY0ODcxXHUwMDI2Y3JlYXRpdmVJZD01MDQwMzUxMzg4MzVcdTAwMjZ2ZXJzaW9uSWQ9Mlx1MDAyNmFkR3JvdXBDcmVhdGl2ZUlkPTQ1OTk4NzQ5Nzk5M1x1MDAyNmh0bWxQYXJlbnRJZD1wcmV2LTBcdTAwMjZoZWlnaHQ9MjUwXHUwMDI2d2lkdGg9OTcwXHUwMDI2c2lnPUFDaVZCX3p2bkVNVVU4T0IyeVBVcXIzY0FOV2pOUWV5aEEiXSxudWxsLG51bGwsMSwiWEtyTThwUm1rQ0VJaWVpUXk3RU5FSXlUdmNRdUdOX0RwM1FpQ1cxdlltbHNaUzVrWlRJSUNBVVRHTENxRFJSQ0YyTmhMWEIxWWkwNU16ZzNOak0zTVRjd01qTXhNVGd4U0J4WUxtQ0lKM0FCIiwiMTI0OTE2MzkxODAiXV1dLFsxLDEsMSwxXV08fH2OqcCSMe8uSCEUnFxUX_OKoNixvsA7L2rAykV5F_tO12BjNYs5cnMc8BexX0qkdLC9hWvhSCfr1pP0CAJnP0dl3ZfWprfEWyghjnY42R8vET-AmufL2CgyqXBFk3eTO7ta0eRn4-KyIyb57L-0UZkfwlaA5MaiF09JgZ7PEE-GePBWO43ehtnS-AQrWLpiIz3agqDvjbweDoAMQreXx-cXvp_Q2TiTl4En5AV-Y117FgJdsmSzbg1PDe53MlfwwZcYeQ_Sp4TmhGslHa8wHdLwRa6J29pt14QK83201mV12ocRkc5RqniISZ1kEV5mJRel8zdPEWqVQ124wbqG,VkuVKfiX9ROphYh9LKickg&source=display

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://sb.scorecardresearch.com/b?c1=2&c2=17708049&ns__t=1631248067608&ns_c=UTF-8&c8=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&c7=https%3A%2F%2Fservice.hket.com%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=17708049&ns__t=1631248067608&ns_c=UTF-8&c8=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&c7=https%3A%2F%2Fservice.hket.com%2F&c9=

Request Chain 30

https://sb.scorecardresearch.com/c2/17708049/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

80 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
service.hket.com/ 63 KB
11 KB 2828ms
291ms Document
text/html 118.143.30.228
HUTCHISON-AS-AP H...

General

Check archive.org

Show headers Download Go to

Full URL

https://service.hket.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

118.143.30.228 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),

Reverse DNS

Software

Apache-Coyote/1.1 /

Resource Hash

0a6675782230613a072d87b2e7c70f43f8ee81d4ba16706a1d5d2c0b06dd5132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Host: service.hket.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: Apache-Coyote/1.1
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
ETag: "0e5c08b15f759a5e0e0341d4eadb6cb80"
Content-Type: text/html;charset=UTF-8
Content-Language: de-DE
Transfer-Encoding: chunked
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Fri, 10 Sep 2021 04:27:42 GMT
Set-Cookie: BIGipServerpool_http_hketservice_prod=1208068288.33825.0000; path=/; Httponly; Secure

GET
H2 200 hket-icon-06.ttf
static01-proxy.hket.com/res/v3/dist/common/fonts/ 51 KB
51 KB 994ms
693ms Font
application/x-font-ttf 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/fonts/hket-icon-06.ttf
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: e7de5bd12e7bc7daa2ceeb6c6ab2c12e2f7fb711fc9b55eb532a370932db3385

Request headers

Referer: https://service.hket.com/
Origin: https://service.hket.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:45 GMT
via: 1.1 59217f0941f089caa7fbc6da584e0d2f.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 02:04:23 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "caf0-5cb9a88bc57c0"
x-cache: RefreshHit from cloudfront
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 51952
x-amz-cf-id: mUrl1QEQNVVT2771a4HAyW-AvEPkpjw6gcQhx3Bv8ORLxvy_jvERMg==
expires: Sun, 10 Oct 2021 04:27:45 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 346 KB
120 KB 107ms
33ms Script
text/javascript 2a00:1450:4007:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: service.hket.com
URL: https://service.hket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80d::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe08c3a5fd2d4a0c5a4f33864bbb3bddc095f87d1aba54a588163f3370b33ff4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121963
x-xss-protection: 0
expires: Fri, 10 Sep 2021 04:27:44 GMT

GET
H2 200 common-style-62cf5b63.min.js Show response
static01-proxy.hket.com/res/v3/dist/common/js/ 251 KB
38 KB 347ms
48ms Script
application/javascript 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/js/common-style-62cf5b63.min.js
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: cbeeef864f83669fd0424f78a2754f807a87467420281c68e6186649d531ec7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:44 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 02:28:41 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "3edca-5cb0e0ec00840-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 38112
x-amz-cf-id: cmWW_ifakofSFU6cI4hwLG4SsPwXV_x5jZftdht_FmMSSLJNwmttpA==
expires: Sun, 10 Oct 2021 04:26:18 GMT

GET
H2 200 search-style-ca5c73a4.min.js Show response
static01-proxy.hket.com/res/v3/dist/common/js/ 55 KB
9 KB 964ms
665ms Script
application/javascript 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/js/search-style-ca5c73a4.min.js
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: 5c6ccf6127a1346abab94ed4902071dc2890a34830f94163fa821cb297d37067

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:45 GMT
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 02:17:01 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "db53-5cb5e5c646140-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8450
x-amz-cf-id: m1NAQd6pS34Eom6krO05ziC0riTPGuQ9iIZDVHVt8GiEpUlaYIG5oA==
expires: Sun, 10 Oct 2021 04:27:45 GMT

GET
H2 200 common-cb573edf.min.js Show response
static01-proxy.hket.com/res/v3/dist/common/js/ 280 KB
67 KB 328ms
30ms Script
application/javascript 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/js/common-cb573edf.min.js
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: e602b572f84811d9576d87f9612f0889d76cae977b7ae41cc24f32229437046d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:44 GMT
content-encoding: gzip
last-modified: Fri, 03 Sep 2021 02:25:19 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "45fc4-5cb0e02b5c1c0-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
cache-control: max-age=2592000
accept-ranges: bytes
x-amz-cf-id: IuK2GPX_ln0ZEDpzrWozaSx-DUnOL8CKF9py7RBWsnH2eZeuT1OkRw==
expires: Sun, 10 Oct 2021 04:26:18 GMT

GET
H2 200 search-18cbcef2.min.js Show response
static01-proxy.hket.com/res/v3/dist/common/js/ 71 KB
19 KB 990ms
692ms Script
application/javascript 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/js/search-18cbcef2.min.js
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: d538658698c9d0ac92c7aa6ae6aebb8fde2845fbab772520dc819a7b0fcf98d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:45 GMT
content-encoding: gzip
last-modified: Tue, 07 Sep 2021 02:17:01 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "11df5-5cb5e5c646140-gzip"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 19254
x-amz-cf-id: La5O0i9LuI6CkrYth0q5YOnAalu1j4qbVeLwt-R93z-0Q0EFAxQY0Q==
expires: Sun, 10 Oct 2021 04:27:45 GMT

GET
H2 200 inlog-v1.4.min.js Show response
static01-proxy.hket.com/res/v3/script/common/inlog/ 3 KB
2 KB 349ms
50ms Script
application/javascript 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static01-proxy.hket.com/res/v3/script/common/inlog/inlog-v1.4.min.js
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: 1e7cc7a8f5a3f6076a6d6722fbdddc34746f420e1c73117ee8904d09c14dc825

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:44 GMT
content-encoding: gzip
last-modified: Thu, 19 Sep 2019 02:07:25 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "b09-592de6a28b140-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1121
x-amz-cf-id: pYQVYO_EB_Vk7skRlyvJV9IR8P2AaYFT6GEdz2yQBSLQyGyMFvukGQ==
expires: Sun, 10 Oct 2021 04:26:18 GMT

GET
H2 200 hket-top-logo-v2.png
static01-proxy.hket.com/res/v3/dist/common/images/ 3 KB
4 KB 30ms
30ms Image
image/png 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/images/hket-top-logo-v2.png
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: a006ec02817e554d0edcd85d7d4664b37959c24ac71072bb5b29277ce3797ffb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:44 GMT
via: 1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 02:04:23 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "cd3-5cb9a88bc57c0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3283
x-amz-cf-id: Zo--eHWRhsGry4g8SpeL65SaZE9yyQVJwgBgfqNubb1xxNdgoddNQw==
expires: Sun, 10 Oct 2021 04:26:20 GMT

GET
H2 200 hket-channel-v7.png
static01-proxy.hket.com/res/v3/dist/common/images/ 31 KB
32 KB 28ms
28ms Image
image/png 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/images/hket-channel-v7.png
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: 5c6770e47fcfa1087b2b00286cb96059882f7751c4b433275be7e882cfcc4a79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:44 GMT
via: 1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 02:04:23 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "7d9c-5cb9a88bc57c0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32156
x-amz-cf-id: ok_oBlQaiCKp2DhJWlaQ0aLCgIJNDUSJQXu5daYrZYvNlKxd-_cTOA==
expires: Sun, 10 Oct 2021 04:26:20 GMT

GET
H2 200 multi-devices-05.png
static01-proxy.hket.com/res/v3/dist/common/images/ 5 KB
6 KB 26ms
26ms Image
image/png 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/images/multi-devices-05.png
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: efd171944a55f94ae92763532eeb98ea43634ea8dc211053e9e68ec032203086

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:44 GMT
via: 1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 02:04:23 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "15f1-5cb9a88bc57c0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 5617
x-amz-cf-id: fyuz5X6aRHgib_JVXpYVjAazWEChP8xwHyXWWrwk3qZhO9SOuiu0eQ==
expires: Sun, 10 Oct 2021 04:26:20 GMT

GET
H2 200 hket-logo-mmenu.png
static01-proxy.hket.com/res/v3/dist/common/images/ 1 KB
2 KB 36ms
36ms Image
image/png 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/images/hket-logo-mmenu.png
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: 9d12bd846df1d9a7ee82214a4c6886e01ab5a98d49cd45e7631b2b6c04300b65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:44 GMT
via: 1.1 f2d6260772a832e76c8c1c6e49903138.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 02:04:23 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "494-5cb9a88bc57c0"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1172
x-amz-cf-id: YIIqHK8lR9juMt533c3ozAi_ZCb6yNxyWJsSY3tk0chVYxAAc8YRcA==
expires: Sun, 10 Oct 2021 04:26:20 GMT

GET
H2 200 weather.ttf
static01-proxy.hket.com/res/v3/dist/common/fonts/ 24 KB
25 KB 675ms
674ms Font
application/x-font-ttf 2600:9000:218e:5c00:19:debb:5bc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static01-proxy.hket.com/res/v3/dist/common/fonts/weather.ttf
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:218e:5c00:19:debb:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13 /
Resource Hash: a6449d02e0aa44eb841020ebf9c1511913db90bfd6a5099c8422c55089f432a4

Request headers

Referer: https://service.hket.com/
Origin: https://service.hket.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:45 GMT
via: 1.1 59217f0941f089caa7fbc6da584e0d2f.cloudfront.net (CloudFront)
last-modified: Fri, 10 Sep 2021 02:04:23 GMT
server: Apache/2.4.16 (Unix) OpenSSL/1.0.1e-fips PHP/5.6.13
x-amz-cf-pop: CDG52-P1
etag: "61c8-5cb9a88bc57c0"
x-cache: Miss from cloudfront
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25032
x-amz-cf-id: KtJPOHrKzCe_emgOvQKMkEk6l8_cBWwZ86oyWiVRqR7gCPfvu0O1qQ==
expires: Sun, 10 Oct 2021 04:27:45 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 71 KB
25 KB 99ms
31ms Script
text/javascript 142.250.74.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static01-proxy.hket.com
URL: https://static01-proxy.hket.com/res/v3/dist/common/js/common-cb573edf.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par10s40-in-f2.1e100.net

Software

sffe /

Resource Hash

4fa9c8fff3e63917de071d4d610fcc11d924bc216fa9e8d9c4e94e64a5b65dd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "983 / 97 of 1000 / last-modified: 1631225918"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25021
x-xss-protection: 0
expires: Fri, 10 Sep 2021 04:27:45 GMT

GET
H2 200 pubads_impl_2021090701.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 26ms
25ms Script
text/javascript 142.250.74.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par10s40-in-f2.1e100.net

Software

sffe /

Resource Hash

ac8d2f2be577b89fdbd26a497ece0c0bc127dd2ed5676119e0055b62e4daf48e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 07 Sep 2021 08:38:19 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119497
x-xss-protection: 0
expires: Fri, 10 Sep 2021 04:27:45 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 141 B
133 B 53ms
27ms XHR
application/json 142.250.74.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=service.hket.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par10s40-in-f2.1e100.net

Software

cafe /

Resource Hash

de9f512ceeb28d0a51e4505860079f1e09193cc286580c2a2c22c9bc73410e11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 04:27:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108
x-xss-protection: 0
expires: Fri, 10 Sep 2021 04:27:45 GMT

POST
H/1.1 200
OK weblog Show response
inlog01.hket.com/inlog/log/ 7 B
243 B 198ms
197ms XHR
text/html 118.143.30.165
HUTCHISON-AS-AP H...

General

Check archive.org

Show headers Download Go to

Full URL: https://inlog01.hket.com/inlog/log/weblog
Requested by: Host: static01-proxy.hket.com
URL: https://static01-proxy.hket.com/res/v3/dist/common/js/common-cb573edf.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 118.143.30.165 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Access-Control-Allow-Origin: https://inlog01.hket.com/inlog/log/weblog
Accept: text/html, */*; q=0.01
Referer: https://service.hket.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://service.hket.com
Date: Fri, 10 Sep 2021 04:27:47 GMT
Access-Control-Allow-Credentials: true
Server: Apache-Coyote/1.1
Content-Length: 7
Vary: Origin
Content-Type: text/html

OPTIONS
H/1.1 200
OK weblog
inlog01.hket.com/inlog/log/ Frame 0
0 1062ms
197ms Preflight 118.143.30.165
HUTCHISON-AS-AP H...

General

Check archive.org

Show headers Download Go to

Full URL: https://inlog01.hket.com/inlog/log/weblog
Protocol: HTTP/1.1
Server: 118.143.30.165 Central, Hong Kong, ASN9304 (HUTCHISON-AS-AP HGC Global Communications Limited, HK),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin,content-type
Origin: https://service.hket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: https://service.hket.com
Vary: Origin
Access-Control-Allow-Methods: GET,PUT,POST
Access-Control-Allow-Headers: access-control-allow-origin, content-type
Access-Control-Allow-Credentials: true
Access-Control-Max-Age: 1600
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Content-Length: 0
Date: Fri, 10 Sep 2021 04:27:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 490 KB
96 KB 122ms
54ms Script
application/javascript 2a00:1450:4007:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M

Requested by

Host: service.hket.com
URL: https://service.hket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:817::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

81a980020e7be0424bbd6ce763c91ef4af434bdc20a130ae9dc93a0b81e62520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97408
x-xss-protection: 0
expires: Fri, 10 Sep 2021 04:27:47 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 105ms
30ms Script
application/javascript 2a00:1450:4007:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=service.hket.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 04:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 102ms
31ms Script
application/javascript 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=service.hket.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 04:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 459 B
273 B 176ms
176ms XHR
text/plain 142.250.74.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4151163366187771&correlator=1707711277937390&output=ldjh&impl=fifs&eid=31062297&vrg=2021090701&ptt=17&sc=1&sfv=1-0-38&ecs=20210910&iu_parts=183518426%2Chket2_webrp_search_stickytop&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x160%7C970x90%7C970x250%7C728x90&eri=1&cust_params=inskin_yes%3Dtrue%26visitor_key%3DBeforeLogin%26section%3D%25E6%2596%2587%25E7%25AB%25A0%25E6%2590%259C%25E5%25B0%258B%2520-%2520%25E9%25A6%2599%25E6%25B8%25AF%25E7%25B6%2593%25E6%25BF%259F%25E6%2597%25A5%25E5%25A0%25B1%2520hket.com&cookie_enabled=1&bc=31&abxe=1&lmt=1631248067&dt=1631248067441&dlt=1631248064184&idt=1395&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=433756689&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fservice.hket.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x20&msz=0x0&ga_vid=483770306.1631248067&ga_sid=1631248067&ga_hid=1218854760&ga_fc=false&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par10s40-in-f2.1e100.net

Software

cafe /

Resource Hash

b3d5fc8008f34260f28dcb84c5e1775247f8728af24eae75abf3ded44eecdc4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://service.hket.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
868a857eb87f881f49544a92926ec00d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 486D 6 KB
3 KB 120ms
29ms Document
text/html 2a00:1450:4007:81a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://868a857eb87f881f49544a92926ec00d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:81a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 868a857eb87f881f49544a92926ec00d.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://service.hket.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 10 Sep 2021 04:27:47 GMT
expires: Sat, 10 Sep 2022 04:27:47 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hotjar-834550.js Show response
static.hotjar.com/c/ 4 KB
2 KB 107ms
42ms Script
application/javascript 13.225.25.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-834550.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.25.50 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-25-50.cdg3.r.cloudfront.net

Software

Resource Hash

a552c797ea2258ecd3fac3d9e377a74c29f0a54f5e972e6f341c7a0f872c5252

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:47 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: CDG3-C2
etag: W/0005b2aaf18b99fca476aeb0e082d81d
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1911
via: 1.1 4448f6f0cf46259e83792c753f97a4df.cloudfront.net (CloudFront)
x-amz-cf-id: WDayo4bosIMcUIpw29SY1VnogMmM1ZIL-tvWMfYGGyUuNvB_O0JBJw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 72ms
16ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: service.hket.com
URL: https://service.hket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25999
x-xss-protection: 0
pragma: public
x-fb-debug: T+ej6qjLBcdPACOToXVeSohpND5qLEcd2Igm84YxKJO3CO1Mzbr02pbWm08TbaO6ThnMnwx/DAPNdJAUhOx86g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 10 Sep 2021 04:27:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 95ms
24ms Script
text/javascript 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 6507
date: Fri, 10 Sep 2021 02:39:20 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Fri, 10 Sep 2021 04:39:20 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=17708049&ns__t=1631248067608&ns_c=UTF-8&c8=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&c7...
https://sb.scorecardresearch.com/b2?c1=2&c2=17708049&ns__t=1631248067608&ns_c=UTF-8&c8=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&c...

64 B
330 B

30ms
29ms

Image
image/gif

52.222.158.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=17708049&ns__t=1631248067608&ns_c=UTF-8&c8=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&c7=https%3A%2F%2Fservice.hket.com%2F&c9=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-53.cdg52.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:47 GMT
via: 1.1 b474cf5c401bab2aebbb30cbe885dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 0Xa9zoxudbc3si8-qMBsnigrHwWtXiyGIJBjtbWRkpUAZsNMMJRv8Q==

Redirect headers

date: Fri, 10 Sep 2021 04:27:47 GMT
via: 1.1 b474cf5c401bab2aebbb30cbe885dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=17708049&ns__t=1631248067608&ns_c=UTF-8&c8=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&c7=https%3A%2F%2Fservice.hket.com%2F&c9=
content-length: 258
x-amz-cf-id: au4qgDjvHrHV2mrIfGhEnIld2Zui2LIPaqmmIZ29Yv4WU923_ihYyQ==

OPTIONS
H2 200 id.do
viselb01.hket.com/ajax/get/ Frame 0
0 798ms
174ms Preflight 18.138.210.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://viselb01.hket.com/ajax/get/id.do
Protocol: H2
Server: 18.138.210.132 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-210-132.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: access-control-allow-origin
Origin: https://service.hket.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 10 Sep 2021 04:27:48 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin: https://service.hket.com
access-control-allow-methods: GET,POST,PUT
access-control-allow-headers: access-control-allow-origin
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 149 KB
55 KB 36ms
35ms Script
application/javascript 2a00:1450:4007:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FW085S0G3K&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:817::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5705d1dc391b9c1b2c830ff88c78e70d383ca28e3349360fa2b673faa124fa05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:47 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56202
x-xss-protection: 0
expires: Fri, 10 Sep 2021 04:27:47 GMT

POST SaveControl
plus.hket.com/anonymous_identity/ 0
0

POST
H2 200 id.do Show response
viselb01.hket.com/ajax/get/ 46 B
792 B 504ms
167ms XHR
text/html 18.138.210.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://viselb01.hket.com/ajax/get/id.do
Requested by: Host: static01-proxy.hket.com
URL: https://static01-proxy.hket.com/res/v3/dist/common/js/common-cb573edf.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.138.210.132 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-138-210-132.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: 5c1bf281e461b43b411fccfcadf295f33a5586a992d3aca673936a42ae2d4cd7

Request headers

Access-Control-Allow-Origin: https://viselb01.hket.com/ajax/get/id.do
Accept: text/html, */*; q=0.01
Referer: https://service.hket.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://service.hket.com
date: Fri, 10 Sep 2021 04:27:48 GMT
access-control-allow-credentials: true
content-disposition: inline;filename=f.txt
content-length: 46
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/html;charset=ISO-8859-1

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/17708049/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

20ms
20ms

Script
application/javascript

52.222.158.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.158.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-158-53.cdg52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:05:14 GMT
via: 1.1 b474cf5c401bab2aebbb30cbe885dad0.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1355
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: 4YjDBre9Ndzrj78ey2lWwAPUfRt0F_1aECjoPwDwikmtz6oBsgHYQA==

Redirect headers

date: Fri, 10 Sep 2021 04:27:47 GMT
via: 1.1 b474cf5c401bab2aebbb30cbe885dad0.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P2
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: izym7flutVCgL9kXz1gsJCMcWtELGKHQSKAVOJxHUtnGlGP0vHX6Vg==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 108ms
33ms XHR
application/json 2a00:1450:4007:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021090701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82c8006c7a9ccbea4811ee6e2f766b06bb576c045614d0dd41ed2160dae89531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 04:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8517
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
171 B 28ms
28ms Ping
text/plain 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-FW085S0G3K&gtm=2oe910&_p=1218854760&sr=1600x1200&ul=en-us&cid=483770306.1631248067&_s=1&dl=%2F&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sid=1631248067&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.formal_tags=&ep.timestamp=2021-09-10%204%3A27%3A47%20AM&ep.plus_id=&ep.info_date=
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FW085S0G3K&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://service.hket.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 04:27:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://service.hket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1239415992893153 Show response
connect.facebook.net/signals/config/ 305 KB
88 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1239415992893153?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0555193fba954faf8039c62da4b8fc654a5d9fd480edd535183ccafb7b4ac55c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89158
x-xss-protection: 0
pragma: public
x-fb-debug: dEx8mKWRHU01zi14ItL0FzAbgSO/qC0QLfJAIsVkDRL1Nt8up1QH+3AR14zc3hM14AH66+k7ma1t0pcsH+QEeg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 10 Sep 2021 04:27:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.5fe2f4f38cf4833026a9.js Show response
script.hotjar.com/ 221 KB
59 KB 88ms
26ms Script
application/javascript 52.222.158.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-834550.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.158.124 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-158-124.cdg52.r.cloudfront.net

Software

Resource Hash

33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Thu, 09 Sep 2021 07:15:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76362
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59626
access-control-allow-origin: *
last-modified: Thu, 09 Sep 2021 07:14:26 GMT
etag: "e8c5ca8d148a212696c04c37e713b2a1"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1cfb3433a86e7969c88f0dfbfd15af33.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: CDG52-P2
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: IojhlQgVJ-bWFnCQYWzcK9aEYwSNwFniklNdMQRQULxwsOscEdySig==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
92 B 28ms
27ms XHR
text/plain 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1218854760&t=pageview&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1236575636&gjid=1835914580&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&_r=1&gtm=2wg910WX5N6M&cd1=Anonymous&cd2=No%20record&cd3=No%20record&cd4=No%20record&cd5=unknown&cd7=1600x1200&z=581689614

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://service.hket.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 04:27:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://service.hket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
68 B 28ms
28ms XHR
text/plain 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=1218854760&t=pageview&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=1816852481&gjid=803682938&cid=483770306.1631248067&tid=UA-5159780-38&_gid=74012399.1631248068&_r=1&gtm=2wg910WX5N6M&cd1=Anonymous&cd2=No%20record&cd3=No%20record&cd4=No%20record&cd5=unknown&z=2024568556

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://service.hket.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 04:27:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://service.hket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
132 B 25ms
24ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=pageview&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&cd1=Anonymous&cd2=No%20record&cd3=No%20record&cd4=No%20record&cd5=unknown&cd7=1600x1200&z=548626793

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 34ms
34ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=pageview&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-38&_gid=74012399.1631248068&gtm=2wg910WX5N6M&cd1=Anonymous&cd2=No%20record&cd3=No%20record&cd4=No%20record&cd5=unknown&z=109275816

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 35ms
34ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=10%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=74684072

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 35ms
34ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=20%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=1325204733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 35ms
34ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=30%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=369275922

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
34ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=40%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=595572214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
35ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=50%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=607287707

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
35ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=60%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=1217700504

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
35ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=70%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=1991395727

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 36ms
36ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=80%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=954399355

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 37ms
36ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=90%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=1610185391

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 37ms
37ms Image
image/gif 2a00:1450:4007:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j93&a=1218854760&t=event&ni=0&_s=1&dl=https%3A%2F%2Fservice.hket.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=%2F&el=100%25&_u=YADAAEABAAAAAC~&jid=&gjid=&cid=483770306.1631248067&tid=UA-5159780-1&_gid=74012399.1631248068&gtm=2wg910WX5N6M&z=847206559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:815::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Sep 2021 13:35:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 53533
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 109ms
30ms Script
text/javascript 2a00:1450:4007:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Fri, 10 Sep 2021 04:27:47 GMT

GET
H2 200 box-dfc01efbdc94bb0936d9a35a502b0b64.html Show response
vars.hotjar.com/ Frame 0E11 2 KB
1 KB 88ms
20ms Document
text/html 52.222.149.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-834550.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-70.cdg52.r.cloudfront.net
Software: /
Resource Hash: 88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://service.hket.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/

Response headers

content-type: text/html
content-length: 1044
date: Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "10714b84569172431728622d7c8098e4"
last-modified: Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b3c499d6bb51c2f743813fea28eaaf30.cloudfront.net (CloudFront)
x-amz-cf-pop: CDG52-P1
x-amz-cf-id: s27_q5nEVQYBJEhqIaJ8fJ8IuSy-AIDcAHT8SYnTMK2laOmnns5s7w==
age: 4461762

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
460 B 89ms
21ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-5159780-1&cid=483770306.1631248067&jid=1236575636&gjid=1835914580&_gid=74012399.1631248068&_u=YADAAEAAAAAAAC~&z=328147567

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://service.hket.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 10 Sep 2021 04:27:47 GMT
content-type: text/plain
access-control-allow-origin: https://service.hket.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1040111202850379 Show response
connect.facebook.net/signals/config/ 305 KB
88 KB 18ms
17ms Script
application/x-javascript 2a03:2880:f030:13:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1040111202850379?v=2.9.45&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f030:13:face:b00c:0:3 , France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

911624a705a6990a1ebe4f01a8eeeb0cb9d00830cf0175735e0469a3ab77bcd6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 89157
x-xss-protection: 0
pragma: public
x-fb-debug: NdOlcSGC7U4ZWQ1V9tv3F8e74DhDLTfonmPDHKSM9BQ9Ao1yIeGDviyO2Oa1m0jq4JYDAALoolnDBRCm1XT6pA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 10 Sep 2021 04:27:47 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 73ms
16ms Image
image/gif 2a03:2880:f11f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1239415992893153&ev=PageView&dl=https%3A%2F%2Fservice.hket.com%2F&rl=&if=false&ts=1631248067815&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631248067814.290620894&it=1631248067736&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11f:83:face:b00c:0:25de Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 04:27:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 34ms
16ms Image
image/gif 2a03:2880:f11f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1040111202850379&ev=PageView&dl=https%3A%2F%2Fservice.hket.com%2F&rl=&if=false&ts=1631248067856&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631248067814.290620894&it=1631248067736&coo=false&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11f:83:face:b00c:0:25de Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 04:27:47 GMT

GET
H2 204 834550 Show response
vc.hotjar.io/sessions/ 0
257 B 103ms
41ms XHR
text/plain 52.222.149.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/834550?s=0.25&r=0.07438327604972361
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.149.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-149-30.cdg52.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:47 GMT
via: 1.1 12106f573f4d659c0533de0d7a9042c1.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: CDG52-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: YvoUsPxT_7waXSBL1fzmUiTJogugM_p3bjyLroNByzkmGetuzOOnyA==

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame C67E 12 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4007:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://service.hket.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Thu, 09 Sep 2021 07:46:31 GMT
expires: Fri, 09 Sep 2022 07:46:31 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 74476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2A5C 783 B
1 KB 108ms
32ms Document
text/html 2a00:1450:4007:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80e::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

9e4587cfdc71594cd9170bc0b3cd063537b456594d44b28b2d63e957c9095c5d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UtAChtvYguxBCQQY+W5WeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://service.hket.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/

Response headers

expires: Fri, 10 Sep 2021 04:27:47 GMT
date: Fri, 10 Sep 2021 04:27:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-UtAChtvYguxBCQQY+W5WeQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js Show response
pagead2.googlesyndication.com/bg/ Frame C67E 35 KB
13 KB 78ms
24ms Script
text/javascript 2a00:1450:4007:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4M_hU0z2aGWsE6Fh5g73T3aOvXi4a4lK__VWYOQ1wYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 06 Sep 2021 19:33:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 291250
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13264
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 12:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Sep 2022 19:33:38 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 2A5C 0
0 45ms
45ms Image
text/html 2a00:1450:4007:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021090701&jk=4151163366187771&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4007:818::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
119 B 32ms
30ms Image
image/gif 2a00:1450:4007:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021090701&jk=4151163366187771&bg=!1dal1pLNAAYJpm41CaY7ACkAdvg8WkHkzx7wGWEchefvZg2pHdugRFDrlwORbvB3Wq6SlLWqREsPIgIAAABUUgAAAAloAQcKADZKr81E-iM3WQPfBOjNE7BIWm0OwIG_NVrdgu8fUGprOLo3ZJs_4r6neygjy9iyg5hhbJ_gDwaZAop4j3kLIORedFxKp7GxQqKrpGBPm5Osl0Maua8qC-4Y92te73dzH7VJFSDk2YH3VRqAkcVUjEYRlqWB4odV1DJUt0QTi27l_0v1p4IUkNFrIXlBeSOlvpIEiK1vU_aNK8HfwCqA7KW2qMzeTHu1_7EafO1NujbxYX5_mrZAiVGfMAteDnnoDruf2Vk76xOBZ53x8iDx10VXNP3SwUTCN4rvk2t4MeScklykWtsNM9G4FmJb8h1IjFleeNC7PtVNEhta1geK1ZuYcNrQtgY0sQ633TsTyBOAkCCFRKloTZFZ7nDdKgWhc22o826F8eFdRQkDhqpWPFej-1tgjFMg_mobBVlp5UHgV6v0CS-5Sx-31c-VEu6bxgYI8957NB4Elpc4oD5RiwZHEJiw6GML2CU39N3xTrd4PFJ1h0E3Fui4bMEq3eehxS7UuVTcm2ITKuogzZH0x4sgN6tHMpa1nt6hIvUMuoeU1MB4s_DIImfAdRLYkKFFzCI1Jun-HuyJckzxxfZIIqTpFpHchYtf9BNU5iyqkRryWr25LqfT44iWqd3MciE9X-ZbDYmiOk-qtv-t3sOLI2WOTfKPMHDufwwThYq4_gAwosd0cIUcQJWEkufXeciOURGf_k23CshZjivkyutos2joFipHK6XhBbTMm_pLJheCjriJWV8w3U2KJzs0KeZj_zSF7suCpmvknlrVcc0w9azz5MqqoP2crtaZVO55BFTmbGFXiCi2fmznxIN3gfZAJb5WOgP2JZg__AQRhfmmVSv-Ferb2wXEpLSPJ_Tyraaeom1b98KbGza1TziNlpPS5hItcFprmL8JdubdONI1g6j87omgQ5G5QZWCY2sUYDyCh6WKcg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 04:27:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 52ms
29ms Script
application/javascript 2a00:1450:4007:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=service.hket.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:813::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 04:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 331ms
30ms Script
application/javascript 2a00:1450:4007:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=service.hket.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 04:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 112 KB
35 KB 422ms
421ms XHR
text/plain 142.250.74.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4151163366187771&correlator=2556368401890361&output=ldjh&impl=fifs&eid=31062297&vrg=2021090701&ptt=17&sc=1&sfv=1-0-38&ecs=20210910&iu_parts=183518426%2Chket2_WebRP_Search_Fixed01%2Chket2_WebRP_Search_Fixed03%2Chket2_WebRP_Search_Fixed06%2Chket2_WebRP_Search_Special&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=1x1%7C728x90%7C970x90%7C970x160%7C970x250%7C990x200%7C1320x160%7C1320x250%2C300x250%7C300x600%2C728x90%2C728x90%2C1x1&eri=1&cust_params=inskin_yes%3Dtrue%26visitor_key%3DBeforeLogin%26section%3D%25E6%2596%2587%25E7%25AB%25A0%25E6%2590%259C%25E5%25B0%258B%2520-%2520%25E9%25A6%2599%25E6%25B8%25AF%25E7%25B6%2593%25E6%25BF%259F%25E6%2597%25A5%25E5%25A0%25B1%2520hket.com&cookie=ID%3Ddaba696f5ba2e08e-228c24e2f0ca000f%3AT%3D1631248067%3AS%3DALNI_MaDDGo3ZSzEvxXxLwbCZ5jCFgHp0g&bc=31&abxe=1&lmt=1631248068&dt=1631248068158&dlt=1631248064184&idt=1395&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1160%2C-9%2C-9%2C125&adys=60%2C443%2C-9%2C-9%2C40&adks=1248984711%2C1593339122%2C2471577582%2C3719043022%2C42695547&ucis=2%7C3%7C4%7C5%7C6&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fservice.hket.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1320x0%7C300x234%7C0x-1%7C0x-1%7C1320x0&msz=728x44%7C300x15%7C0x-1%7C0x-1%7C0x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=483770306.1631248067&ga_sid=1631248067&ga_hid=1218854760&ga_fc=false&fws=128%2C132%2C2%2C2%2C128&ohw=0%2C1350%2C0%2C0%2C0&btvi=0%7C0%7C-1%7C-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

par10s40-in-f2.1e100.net

Software

cafe /

Resource Hash

e083a619336bb004c4385fba84f73c39a2e5153a95c76a871de2b089bb0ff430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35585
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,5492019598
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,138321179976
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://service.hket.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 318ms
17ms Image
image/gif 2a03:2880:f11f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1239415992893153&ev=Microdata&dl=https%3A%2F%2Fservice.hket.com%2F&rl=&if=false&ts=1631248068317&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fservice.hket.com%2Fsearch%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1HKET%22%2C%22url%22%3A%22https%3A%2F%2Fwww.hket.com%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22width%22%3A116%2C%22height%22%3A62%2C%22url%22%3A%22https%3A%2F%2Fstatic01-proxy.hket.com%2Fres%2Fv3%2Fdist%2Fcommon%2Fimages%2Fseo-logo.png%22%7D%2C%22contactPoint%22%3A%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B852-2880-2888%22%2C%22contactType%22%3A%22customer%20support%22%7D%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Fhketpage%2F%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2Fhketvideo%2F%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fhketnews%2F%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631248067814.290620894&it=1631248067736&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11f:83:face:b00c:0:25de Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 04:27:48 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 279ms
17ms Image
image/gif 2a03:2880:f11f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1040111202850379&ev=Microdata&dl=https%3A%2F%2Fservice.hket.com%2F&rl=&if=false&ts=1631248068357&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%E6%96%87%E7%AB%A0%E6%90%9C%E5%B0%8B%20-%20%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1%20hket.com%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fservice.hket.com%2Fsearch%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22name%22%3A%22%E9%A6%99%E6%B8%AF%E7%B6%93%E6%BF%9F%E6%97%A5%E5%A0%B1HKET%22%2C%22url%22%3A%22https%3A%2F%2Fwww.hket.com%22%2C%22logo%22%3A%7B%22%40type%22%3A%22ImageObject%22%2C%22width%22%3A116%2C%22height%22%3A62%2C%22url%22%3A%22https%3A%2F%2Fstatic01-proxy.hket.com%2Fres%2Fv3%2Fdist%2Fcommon%2Fimages%2Fseo-logo.png%22%7D%2C%22contactPoint%22%3A%7B%22%40type%22%3A%22ContactPoint%22%2C%22telephone%22%3A%22%2B852-2880-2888%22%2C%22contactType%22%3A%22customer%20support%22%7D%2C%22sameAs%22%3A%5B%22https%3A%2F%2Fwww.facebook.com%2Fhketpage%2F%22%2C%22https%3A%2F%2Fwww.youtube.com%2Fuser%2Fhketvideo%2F%22%2C%22https%3A%2F%2Fwww.instagram.com%2Fhketnews%2F%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631248067814.290620894&it=1631248067736&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11f:83:face:b00c:0:25de Pantin, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 10 Sep 2021 04:27:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 10 Sep 2021 04:27:48 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012108302037000/ 189 KB
55 KB 91ms
21ms Script
text/javascript 2a00:1450:4007:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108302037000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17a98c3a25d9fd399347ac5d2a961ef3d614fb16ee9ea5b8eb1b3e0c71020839

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 213646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55349
x-xss-protection: 0
server: sffe
date: Tue, 07 Sep 2021 17:07:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0eac791049ec30cd"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 17:07:02 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012108302037000/v0/ 13 KB
5 KB 128ms
58ms Script
text/javascript 2a00:1450:4007:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108302037000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

406a56550c0b340121333c0eadf8f659cf194b2a39c656104e4de08915f4841e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 213646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4999
x-xss-protection: 0
server: sffe
date: Tue, 07 Sep 2021 17:07:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "e8df1836486da3b4"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 17:07:02 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012108302037000/v0/ 89 KB
28 KB 119ms
50ms Script
text/javascript 2a00:1450:4007:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108302037000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7805b83ba0d102b16fc4aee78be0a14a5214523f324fe5a8fdc8f8e264360d40

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 213646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28502
x-xss-protection: 0
server: sffe
date: Tue, 07 Sep 2021 17:07:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "76def82bacc9cde5"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 17:07:02 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012108302037000/v0/ 4 KB
2 KB 127ms
57ms Script
text/javascript 2a00:1450:4007:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108302037000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd277b479bb821c52d95118a17fb1529671d81106fc011675c4912491f06f147

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 213646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1636
x-xss-protection: 0
server: sffe
date: Tue, 07 Sep 2021 17:07:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c23f720ccc1ab13e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 17:07:02 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012108302037000/v0/ 40 KB
13 KB 128ms
58ms Script
text/javascript 2a00:1450:4007:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012108302037000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:811::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d66c75b11c855491b00fc9433a6bdf0d6b59dda36321842b1530c19154e9bd

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 213646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12821
x-xss-protection: 0
server: sffe
date: Tue, 07 Sep 2021 17:07:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3720e45e7e363a69"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 17:07:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 102ms
31ms Stylesheet
text/css 2a00:1450:4007:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 10 Sep 2021 03:49:28 GMT
server: ESF
date: Fri, 10 Sep 2021 04:27:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Sep 2021 04:27:48 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ 3 KB
4 KB 25ms
25ms Image
image/png 2a00:1450:4007:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: service.hket.com
URL: https://service.hket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 00:40:25 GMT
x-content-type-options: nosniff
server: cafe
age: 13643
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Sat, 11 Sep 2021 00:40:25 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ 344 B
449 B 27ms
27ms Image
image/png 2a00:1450:4007:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: service.hket.com
URL: https://service.hket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 10 Sep 2021 00:41:15 GMT
x-content-type-options: nosniff
server: cafe
age: 13593
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 11 Sep 2021 00:41:15 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ 0
0 29ms
29ms Image
text/html 142.250.74.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CDJCoxN46YdrcDYfeb-jVmhiJi5L0ZInokMuxDZSaq_jaIhABIMLz4CtglfrwgYwHoAHMyveLA8gBCakCB83bTkvWsz7gAgCoAwHIAwqqBMQBT9BC4ft32DeCxER4RN_BgGMIiVTjnF7DP4VDjBubFB_5no6VfFT0ZgUUYRi8hWhojBQvk7UFUqFNYjbTI_J2Kfg6E7oWnS1LN_gOgQTTljEASM-5uJBqUHi_9Y5vj4a7q9092_zoqm1U0be8-qcqSlf15Tp9WngeMDo861w8LHhUL8KL12Ep8Sq6loac7OQT22_YdmJUo_FAmOUFqh4cZpaNRYEG_acoqi1eRze6mQ3-rAErdG2otpgz8i8fWYG3bshKncAE4ZqLxMgD4AQBkgUECAQYAZIFBAgFGASgBi6AB5y1iHSoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4b2AcA8gcEEIzSKdIICQiA4YAQEAEYHYAKA8gLAbgTiCfYEw2IFALQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTM4NzYzNzE3MDIzMTE4MRiatRM&sigh=7BPeU9TikKU&template_id=5000
Requested by: Host: service.hket.com
URL: https://service.hket.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: par10s40-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11025918513613723990/ 14 KB
15 KB 26ms
26ms Image
image/jpeg 2a00:1450:4007:805::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11025918513613723990/downsize_200k_v1?w=600&h=314

Requested by

Host: service.hket.com
URL: https://service.hket.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:805::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

108efc444614c2a0bc04e66b624dc7ba70cc1d01aa4e74d817356648a065b2be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 05 Sep 2021 17:14:20 GMT
x-content-type-options: nosniff
age: 386008
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14788
x-xss-protection: 0
last-modified: Wed, 21 Oct 2020 14:32:45 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 05 Sep 2022 17:14:20 GMT

GET
DATA 200
OK truncated
/ 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc2979aa7c547259421f0c0aa4031329b1141419e42b81b82d1cc92c6cd2b4e4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ 21 KB
21 KB 115ms
44ms Font
font/woff2 2a00:1450:4007:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://service.hket.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 08 Sep 2021 20:14:16 GMT
x-content-type-options: nosniff
age: 116012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 08 Sep 2022 20:14:16 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ 21 KB
21 KB 93ms
24ms Font
font/woff2 2a00:1450:4007:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://service.hket.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 07 Sep 2021 06:03:02 GMT
x-content-type-options: nosniff
age: 253486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Sep 2022 06:03:02 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ 42 B
113 B 36ms
36ms Image
image/gif 2a00:1450:4007:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuLRZgc9C7lBxRDS3OrgLcNnv7sX4P-CRQRSyXHsAp_heqR5EbC42O9bE3C231_7ap0VNJO3pFzjs3o3V041ZEO3vnqB0ttBBxAzcLDpLyuuB2BPh7jmg&sai=AMfl-YQT7bR_hjXKA693gEfwEAPyonYJcHfACdaywPGR9zSDsT8ZkMs_INVol31BXicK3MN6cH-76xkY2d41Vatc5xwqzkid_3rqjlMkrl1J696r7GhI4GOxKtoJufvq&sig=Cg0ArKJSzMla2C5qYERPEAE&cid=CAASF-RoywWo8F_BZWKHuDbWRfWWBaxrnCSv&id=ampim&o=0,0&d=1600,1200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=43&tls=1043&g=100&h=100&tt=1043&r=v&avms=ampa&adk=1248984711

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:818::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://service.hket.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Sep 2021 04:27:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: plus.hket.com
URL: https://plus.hket.com/anonymous_identity/SaveControl

Verdicts & Comments Add Verdict or Comment

156 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
service.hket.com/	1969-12-31 23:59:59	Name: BIGipServerpool_http_hketservice_prod Value: 1208068288.33825.0000
.hket.com/	1970-01-20 05:53:04	Name: hket-plus-anonymous Value: c8c6325b-c787-4aad-4806764
.hket.com/	1970-01-20 14:38:40	Name: _ga_FW085S0G3K Value: GS1.1.1631248067.1.0.1631248067.0
.scorecardresearch.com/	1970-01-20 14:24:16	Name: UID Value: 1AU4QGDJVHRHV2MRIFGHENg1631248068
.hket.com/	1970-01-20 14:38:40	Name: _ga Value: GA1.2.483770306.1631248067
.hket.com/	1970-01-19 21:08:54	Name: _gid Value: GA1.2.74012399.1631248068
.hket.com/	1970-01-19 21:07:28	Name: _gat_UA-5159780-1 Value: 1
.hket.com/	1970-01-19 21:07:28	Name: _gat_UA-5159780-38 Value: 1
.hket.com/	1970-01-19 23:17:04	Name: _fbp Value: fb.1.1631248067814.290620894
.hket.com/	1970-01-20 05:53:04	Name: _hjid Value: 72744e06-7534-46d1-aae1-373a00905911
.hket.com/	1970-01-19 21:07:29	Name: _hjFirstSeen Value: 1
.hket.com/	1970-01-19 21:07:29	Name: _hjAbsoluteSessionInProgress Value: 1
.doubleclick.net/	1970-01-20 06:29:04	Name: IDE Value: AHWqTUljfuGwaDgd1_ydyk7DKNg2wwNor3SPNnh2V77CUL_fdwQuxyewTp7IP-7aKM0
.hket.com/	1970-01-20 06:29:04	Name: __gads Value: ID=daba696f5ba2e08e:T=1631248067:S=ALNI_MY6Hk0s-4OnYLtOanndmPkUWpTIPQ
viselb01.hket.com/	1970-01-19 21:17:32	Name: AWSALB Value: 0sxVk6tx04hs//SQBQ8HAk72I44Kso8OHAE9oql6NNdJ2vBSpI69q8zNoNoVVDmtQnRx3IKIjMo7Vq86x1anGsGKQQSZG+bovYLHi1ZLBv7IIxFFQOZ9UMU/lP9Q
viselb01.hket.com/	1970-01-19 21:17:32	Name: AWSALBCORS Value: 0sxVk6tx04hs//SQBQ8HAk72I44Kso8OHAE9oql6NNdJ2vBSpI69q8zNoNoVVDmtQnRx3IKIjMo7Vq86x1anGsGKQQSZG+bovYLHi1ZLBv7IIxFFQOZ9UMU/lP9Q
viselb01.hket.com/	1970-01-19 23:17:04	Name: _AISID_ Value: 20210910122748D8FDC440F4F5F20D3AA6B5495E8CC580
.hket.com/	1970-01-19 23:17:04	Name: _AISID_ Value: 20210910122748D8FDC440F4F5F20D3AA6B5495E8CC580

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://service.hket.com/ Message: Access to XMLHttpRequest at 'https://plus.hket.com/anonymous_identity/SaveControl' from origin 'https://service.hket.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://plus.hket.com/anonymous_identity/SaveControl Message: Failed to load resource: net::ERR_FAILED
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M(Line 352) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-nUhKvbL7sOv1YTyta914N88b/taaIeIgwkq2SCgvtrs='), or a nonce ('nonce-...') is required to enable inline execution.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX5N6M(Line 352) Message: Refused to execute inline script because it violates the following Content Security Policy directive: "script-src https://cdn.ampproject.org/". Either the 'unsafe-inline' keyword, a hash ('sha256-QqrUDmb8LtDx56BIGc35GiHGXtxpTGjiH+Rt4HkAa/c='), or a nonce ('nonce-...') is required to enable inline execution.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

868a857eb87f881f49544a92926ec00d.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
cdn.ampproject.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
imasdk.googleapis.com
inlog01.hket.com
pagead2.googlesyndication.com
plus.hket.com
sb.scorecardresearch.com
script.hotjar.com
securepubads.g.doubleclick.net
service.hket.com
static.hotjar.com
static01-proxy.hket.com
stats.g.doubleclick.net
tpc.googlesyndication.com
vars.hotjar.com
vc.hotjar.io
viselb01.hket.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
plus.hket.com
118.143.30.165
118.143.30.228
13.225.25.50
142.250.74.226
18.138.210.132
2600:9000:218e:5c00:19:debb:5bc0:93a1
2a00:1450:4007:805::2001
2a00:1450:4007:805::200a
2a00:1450:4007:807::2002
2a00:1450:4007:808::2003
2a00:1450:4007:80d::200a
2a00:1450:4007:80e::2004
2a00:1450:4007:811::2001
2a00:1450:4007:813::2002
2a00:1450:4007:815::200e
2a00:1450:4007:817::2008
2a00:1450:4007:818::2002
2a00:1450:4007:81a::2001
2a00:1450:400c:c00::9a
2a03:2880:f030:13:face:b00c:0:3
2a03:2880:f11f:83:face:b00c:0:25de
52.222.149.30
52.222.149.70
52.222.158.124
52.222.158.53
0555193fba954faf8039c62da4b8fc654a5d9fd480edd535183ccafb7b4ac55c
0a6675782230613a072d87b2e7c70f43f8ee81d4ba16706a1d5d2c0b06dd5132
108efc444614c2a0bc04e66b624dc7ba70cc1d01aa4e74d817356648a065b2be
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17a98c3a25d9fd399347ac5d2a961ef3d614fb16ee9ea5b8eb1b3e0c71020839
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1e7cc7a8f5a3f6076a6d6722fbdddc34746f420e1c73117ee8904d09c14dc825
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
406a56550c0b340121333c0eadf8f659cf194b2a39c656104e4de08915f4841e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fa9c8fff3e63917de071d4d610fcc11d924bc216fa9e8d9c4e94e64a5b65dd2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5705d1dc391b9c1b2c830ff88c78e70d383ca28e3349360fa2b673faa124fa05
5c1bf281e461b43b411fccfcadf295f33a5586a992d3aca673936a42ae2d4cd7
5c6770e47fcfa1087b2b00286cb96059882f7751c4b433275be7e882cfcc4a79
5c6ccf6127a1346abab94ed4902071dc2890a34830f94163fa821cb297d37067
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7805b83ba0d102b16fc4aee78be0a14a5214523f324fe5a8fdc8f8e264360d40
81a980020e7be0424bbd6ce763c91ef4af434bdc20a130ae9dc93a0b81e62520
82c8006c7a9ccbea4811ee6e2f766b06bb576c045614d0dd41ed2160dae89531
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
911624a705a6990a1ebe4f01a8eeeb0cb9d00830cf0175735e0469a3ab77bcd6
97d66c75b11c855491b00fc9433a6bdf0d6b59dda36321842b1530c19154e9bd
9d12bd846df1d9a7ee82214a4c6886e01ab5a98d49cd45e7631b2b6c04300b65
9e4587cfdc71594cd9170bc0b3cd063537b456594d44b28b2d63e957c9095c5d
a006ec02817e554d0edcd85d7d4664b37959c24ac71072bb5b29277ce3797ffb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a552c797ea2258ecd3fac3d9e377a74c29f0a54f5e972e6f341c7a0f872c5252
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6449d02e0aa44eb841020ebf9c1511913db90bfd6a5099c8422c55089f432a4
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ac8d2f2be577b89fdbd26a497ece0c0bc127dd2ed5676119e0055b62e4daf48e
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b3d5fc8008f34260f28dcb84c5e1775247f8728af24eae75abf3ded44eecdc4a
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cbeeef864f83669fd0424f78a2754f807a87467420281c68e6186649d531ec7e
cd277b479bb821c52d95118a17fb1529671d81106fc011675c4912491f06f147
d538658698c9d0ac92c7aa6ae6aebb8fde2845fbab772520dc819a7b0fcf98d9
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc2979aa7c547259421f0c0aa4031329b1141419e42b81b82d1cc92c6cd2b4e4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9f512ceeb28d0a51e4505860079f1e09193cc286580c2a2c22c9bc73410e11
e083a619336bb004c4385fba84f73c39a2e5153a95c76a871de2b089bb0ff430
e0cfe1534cf66865ac13a161e60ef74f768ebd78b86b894afff55660e435c182
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e602b572f84811d9576d87f9612f0889d76cae977b7ae41cc24f32229437046d
e7de5bd12e7bc7daa2ceeb6c6ab2c12e2f7fb711fc9b55eb532a370932db3385
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd171944a55f94ae92763532eeb98ea43634ea8dc211053e9e68ec032203086
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe08c3a5fd2d4a0c5a4f33864bbb3bddc095f87d1aba54a588163f3370b33ff4

service.hket.com Open in urlscan Pro 118.143.30.228 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

80 Requests

99 %HTTPS

64 %IPv6

15 Domains

26 Subdomains

26 IPs

6 Countries

1204 kBTransfer

3809 kBSize

18 Cookies

6 Outgoing links

Redirected requests

80 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

service.hket.com Open in urlscan Pro
118.143.30.228 Public Scan

Screenshot
Live screenshot

Full Image

80
Requests

99 %
HTTPS

64 %
IPv6

15
Domains

26
Subdomains

26
IPs

6
Countries

1204 kB
Transfer

3809 kB
Size

18
Cookies

80 HTTP transactions
2 data transactions