urlscan.io logo urlscan.io
SecurityTrails logo

www.carousell.com.hk Open in urlscan Pro
2606:4700::6812:f76  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Submission: On December 21 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 96 IPs in 11 countries across 70 domains to perform 294 HTTP transactions. The main IP is 2606:4700::6812:f76, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.carousell.com.hk. The Cisco Umbrella rank of the primary domain is 77639.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on August 10th 2022. Valid for: a year.
This is the only time www.carousell.com.hk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Carousell (E-commerce)

Domain & IP information

IP Address AS Autonomous System
8 2606:4700::68... 13335 (CLOUDFLAR...)
64 2606:4700::be... 13335 (CLOUDFLAR...)
10 2606:4700::be... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::729 54113 (FASTLY)
1 2600:9000:217... 16509 (AMAZON-02)
1 104.18.36.94 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 143.204.215.49 16509 (AMAZON-02)
1 143.204.215.60 16509 (AMAZON-02)
1 2a02:2638:1::d 44788 (ASN-CRITE...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f02... 32934 (FACEBOOK)
2 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:205... 16509 (AMAZON-02)
2 2a00:1450:402... 15169 (GOOGLE)
1 52.223.40.198 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
3 7 185.89.210.82 29990 (ASN-APPNEX)
3 185.64.189.112 62713 (AS-PUBMATIC)
2 88.221.169.49 16625 (AKAMAI-AS)
6 18.156.195.47 16509 (AMAZON-02)
3 2602:803:c003... 26667 (RUBICONPR...)
7 172.64.154.237 13335 (CLOUDFLAR...)
2 2a03:2880:f12... 32934 (FACEBOOK)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 142.250.185.102 15169 (GOOGLE)
4 5 2a02:2638::1c 44788 (ASN-CRITE...)
2 130.211.23.194 15169 (GOOGLE)
3 2600:9000:206... 16509 (AMAZON-02)
1 178.250.2.146 44788 (ASN-CRITE...)
1 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
1 3 178.250.2.151 44788 (ASN-CRITE...)
1 182.161.74.16 55569 (CRITEO-AS...)
5 2a00:1450:400... 15169 (GOOGLE)
3 185.29.134.249 30419 (MEDIAMATH...)
2 2a00:1450:400... 15169 (GOOGLE)
4 5 142.250.185.162 15169 (GOOGLE)
3 5 185.80.39.216 27381 (CASALE-MEDIA)
9 136.243.149.243 24940 (HETZNER-AS)
11 18.203.96.5 16509 (AMAZON-02)
1 88.221.168.207 16625 (AKAMAI-AS)
4 144.76.104.53 24940 (HETZNER-AS)
1 5 138.201.63.157 24940 (HETZNER-AS)
4 4 145.239.193.130 16276 (OVH)
2 88.198.250.30 24940 (HETZNER-AS)
2 2a0b:4d07:401::1 44239 (PROINITY ...)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 49.12.22.42 24940 (HETZNER-AS)
2 18.133.151.109 16509 (AMAZON-02)
2 2 94.23.99.218 16276 (OVH)
2 54.76.176.197 16509 (AMAZON-02)
1 2 184.24.12.207 16625 (AKAMAI-AS)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 85.239.105.10 16097 (HLKOMM 04...)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2 142.250.180.198 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 18.66.147.41 16509 (AMAZON-02)
2 18.66.147.89 16509 (AMAZON-02)
1 2 52.58.171.208 16509 (AMAZON-02)
1 2 34.248.149.34 16509 (AMAZON-02)
1 88.221.168.23 16625 (AKAMAI-AS)
1 70.42.32.31 13789 (INTERNAP-...)
1 69.173.144.138 26667 (RUBICONPR...)
1 18.159.155.47 16509 (AMAZON-02)
1 185.86.137.131 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 23.35.237.56 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 2 18.156.0.31 16509 (AMAZON-02)
1 3.71.169.66 16509 (AMAZON-02)
1 37.157.4.23 198622 (ADFORM)
1 185.255.84.152 200271 (IGUANE-)
1 2 52.18.15.195 16509 (AMAZON-02)
1 162.19.138.116 16276 (OVH)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 3.122.163.246 16509 (AMAZON-02)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 96.16.132.239 16625 (AKAMAI-AS)
1 34.251.236.239 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 54.78.77.101 16509 (AMAZON-02)
1 13.58.86.229 16509 (AMAZON-02)
4 18.132.178.175 16509 (AMAZON-02)
294 96
8    2606:4700::6812:f76 (United States)

ASN13335 (CLOUDFLARENET, US)
www.carousell.com.hk
64    2606:4700::be5d:f753 (United States)

ASN13335 (CLOUDFLARENET, US)
mweb-cdn.karousell.com
10    2606:4700::be5d:f653 (United States)

ASN13335 (CLOUDFLARENET, US)
media.karousell.com
sl3-cdn.karousell.com
1    2a00:1450:4001:80f::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
4    2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)
browser.sentry-cdn.com
1    2600:9000:2171:f600:14:2bf1:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.tercept.com
1    104.18.36.94 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
8    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
10    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    143.204.215.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-49.fra53.r.cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
1    143.204.215.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-60.fra53.r.cloudfront.net
cdn.branch.io
1    2a02:2638:1::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
1    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2600:9000:223e:3a00:1e:3056:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
wzrkt.com
1    2600:9000:2057:da00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)
app.link
2    2a00:1450:4025:401::9c (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
4    2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
7    185.89.210.82 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
3    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com
a.teads.tv
6    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
3    2602:803:c003:200::21 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
7    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
as-sec.casalemedia.com
r.casalemedia.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net
ad.doubleclick.net
5    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
3    2600:9000:206f:b000:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)
api2.branch.io
1    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net
www.googleadservices.com
1    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
3    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
13    2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    178.250.2.151 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
1    182.161.74.16 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
widget.as.criteo.com
5    2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
cm.g.doubleclick.net
5    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
9    136.243.149.243 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.243.149.243.136.clients.your-server.de
hal9000.redintelligence.net
11    18.203.96.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
s.update.mediamathtag.com
1    88.221.168.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-207.deploy.static.akamaitechnologies.com
pixel.mathtag.com
4    144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de
hal900022.redintelligence.net
5    138.201.63.157 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.157.63.201.138.clients.your-server.de
hal90007.redintelligence.net
4    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    2a0b:4d07:401::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    2a01:4f8:d0a:2321::2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    49.12.22.42 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-3.futalis.de
futalis.de
2    18.133.151.109 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
track.webgains.com
2    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
2    184.24.12.207 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-12-207.deploy.static.akamaitechnologies.com
www.awin1.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    85.239.105.10 (Eilenburg, Germany)

ASN16097 (HLKOMM 04107 Leipzig, DE)
trf.greatviews.de
4    2606:4700::6813:b979 (United States)

ASN13335 (CLOUDFLARENET, US)
www.parship.de
2    142.250.180.198 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f6.1e100.net
5994599.fls.doubleclick.net
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.66.147.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-41.fra60.r.cloudfront.net
analytics.webgains.io
2    18.66.147.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-89.fra60.r.cloudfront.net
cdn.track.production.webgains.team
2    52.58.171.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-171-208.eu-central-1.compute.amazonaws.com
x.bidswitch.net
2    34.248.149.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-149-34.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    88.221.168.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-168-23.deploy.static.akamaitechnologies.com
contextual.media.net
1    70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    18.159.155.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-155-47.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    3.71.169.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    52.18.15.195 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-15-195.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.116 (France)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    3.122.163.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-163-246.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4200:d154:f19:a39d:8ac (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    96.16.132.239 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-132-239.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    34.251.236.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-236-239.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    2606:4700::6810:cb16 (United States)

ASN13335 (CLOUDFLARENET, US)
eum.instana.io
1    54.78.77.101 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-77-101.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    13.58.86.229 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-58-86-229.us-east-2.compute.amazonaws.com
s.thebrighttag.com
4    18.132.178.175 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-178-175.eu-west-2.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
74 karousell.com
mweb-cdn.karousell.com — Cisco Umbrella Rank: 117447
media.karousell.com — Cisco Umbrella Rank: 44837
sl3-cdn.karousell.com — Cisco Umbrella Rank: 111792
948 KB
26 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
208 KB
22 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
ad.doubleclick.net — Cisco Umbrella Rank: 161
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
5994599.fls.doubleclick.net — Cisco Umbrella Rank: 97453
203 KB
18 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 41585
hal900022.redintelligence.net — Cisco Umbrella Rank: 474278
hal90007.redintelligence.net — Cisco Umbrella Rank: 434088
276 KB
12 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 482
as-sec.casalemedia.com — Cisco Umbrella Rank: 1488
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 513
r.casalemedia.com — Cisco Umbrella Rank: 1283
7 KB
11 mediamathtag.com
s.update.mediamathtag.com — Cisco Umbrella Rank: 8478
59 KB
11 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 3613
gum.criteo.com — Cisco Umbrella Rank: 394
mug.criteo.com — Cisco Umbrella Rank: 2835
sslwidget.criteo.com — Cisco Umbrella Rank: 1663
widget.as.criteo.com — Cisco Umbrella Rank: 34654
dis.criteo.com — Cisco Umbrella Rank: 658
28 KB
8 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1139
ups.analytics.yahoo.com — Cisco Umbrella Rank: 279
1 KB
8 google.com
accounts.google.com — Cisco Umbrella Rank: 71
region1.analytics.google.com — Cisco Umbrella Rank: 4762
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 72
78 KB
8 carousell.com.hk
www.carousell.com.hk — Cisco Umbrella Rank: 77639
130 KB
7 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
7 KB
6 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 17733
api.webgains.io — Cisco Umbrella Rank: 52070
62 KB
6 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 54214
medialead.de — Cisco Umbrella Rank: 53774
2 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 374
109 KB
4 gstatic.com
fonts.gstatic.com
52 KB
4 parship.de
www.parship.de — Cisco Umbrella Rank: 265260
15 KB
4 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 3468
pixel.mathtag.com — Cisco Umbrella Rank: 904
3 KB
4 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 462
pixel.rubiconproject.com — Cisco Umbrella Rank: 309
2 KB
4 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 449
simage2.pubmatic.com — Cisco Umbrella Rank: 641
832 B
4 google.de
www.google.de — Cisco Umbrella Rank: 6041
adservice.google.de — Cisco Umbrella Rank: 8549
1 KB
4 branch.io
cdn.branch.io — Cisco Umbrella Rank: 1033
api2.branch.io — Cisco Umbrella Rank: 680
23 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 51
234 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1377
criteo-sync.teads.tv — Cisco Umbrella Rank: 1752
960 B
3 btloader.com
btloader.com — Cisco Umbrella Rank: 897
api.btloader.com — Cisco Umbrella Rank: 1011
7 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 204
2 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 645
855 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 282
876 B
2 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 50569
6 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
2 KB
2 awin1.com
www.awin1.com — Cisco Umbrella Rank: 14058
1 KB
2 ad-server.eu
ad-server.eu — Cisco Umbrella Rank: 114654
624 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 41190
4 KB
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 123484
6 KB
2 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 148792
2 KB
2 media01.eu
pb.media01.eu — Cisco Umbrella Rank: 52900
783 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
94 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1010
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
203 B
2 wzrkt.com
wzrkt.com — Cisco Umbrella Rank: 7888
2 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
111 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 29
20 KB
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 1706
268 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 559
339 B
1 instana.io
eum.instana.io — Cisco Umbrella Rank: 6298
10 KB
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 1789
220 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4006
525 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 25080
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2097
183 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1267
881 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2407
274 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 413
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 769
235 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1390
163 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 735
55 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 335
140 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1183
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 532
163 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 487
35 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 711
145 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 540
801 B
1 greatviews.de
trf.greatviews.de — Cisco Umbrella Rank: 276346
1 KB
1 futalis.de
futalis.de — Cisco Umbrella Rank: 206393
409 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 162
17 KB
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 802
364 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 315
394 B
1 app.link
app.link — Cisco Umbrella Rank: 1796
596 B
1 cloudfront.net
d2r1yp2w7bby2u.cloudfront.net
16 KB
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 599
46 KB
1 tercept.com
cdn.tercept.com — Cisco Umbrella Rank: 167480
331 B
1 sentry-cdn.com
browser.sentry-cdn.com — Cisco Umbrella Rank: 4140
16 KB
294 70
Domain Requested by
64 mweb-cdn.karousell.com www.carousell.com.hk
13 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.carousell.com.hk
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
googleads.g.doubleclick.net
11 s.update.mediamathtag.com tags.mathtag.com
s.update.mediamathtag.com
10 pagead2.googlesyndication.com browser.sentry-cdn.com
tpc.googlesyndication.com
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
www.googletagservices.com
9 hal9000.redintelligence.net www.carousell.com.hk
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
hal900022.redintelligence.net
hal90007.redintelligence.net
8 securepubads.g.doubleclick.net mweb-cdn.karousell.com
securepubads.g.doubleclick.net
browser.sentry-cdn.com
www.carousell.com.hk
8 media.karousell.com www.carousell.com.hk
8 www.carousell.com.hk mweb-cdn.karousell.com
browser.sentry-cdn.com
7 ib.adnxs.com 3 redirects browser.sentry-cdn.com
googleads.g.doubleclick.net
6 c2shb.ssp.yahoo.com browser.sentry-cdn.com
5 hal90007.redintelligence.net 1 redirects 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
hal90007.redintelligence.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 gum.criteo.com 4 redirects dynamic.criteo.com
4 api.webgains.io analytics.webgains.io
4 fonts.gstatic.com fonts.googleapis.com
4 www.parship.de hal90007.redintelligence.net
www.parship.de
4 pv.medialead.de 4 redirects
4 hal900022.redintelligence.net hal9000.redintelligence.net
hal900022.redintelligence.net
4 googleads.g.doubleclick.net www.googleadservices.com
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
www.carousell.com.hk
4 www.google.com 1 redirects www.carousell.com.hk
tpc.googlesyndication.com
4 www.googletagmanager.com www.carousell.com.hk
www.googletagmanager.com
adv.office-partner.de
3 tags.mathtag.com 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
tags.mathtag.com
3 as-sec.casalemedia.com browser.sentry-cdn.com
3 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 api2.branch.io browser.sentry-cdn.com
3 htlb.casalemedia.com browser.sentry-cdn.com
3 fastlane.rubiconproject.com browser.sentry-cdn.com
3 hbopenbid.pubmatic.com browser.sentry-cdn.com
3 www.google.de www.carousell.com.hk
2 dpm.demdex.net 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 ad.360yield.com 1 redirects
2 dis.criteo.com
2 x.bidswitch.net 1 redirects
2 cdn.track.production.webgains.team 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
track.webgains.com
2 analytics.webgains.io track.webgains.com
2 5994599.fls.doubleclick.net 1 redirects www.carousell.com.hk
2 fonts.googleapis.com hal900022.redintelligence.net
hal90007.redintelligence.net
2 www.awin1.com 1 redirects 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
2 ad-server.eu 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
2 medialead.de 2 redirects
2 track.webgains.com www.carousell.com.hk
2 cdn.retailads.net 1 redirects futalis.de
2 adv.office-partner.de hal900022.redintelligence.net
hal90007.redintelligence.net
2 pb.media01.eu hal900022.redintelligence.net
hal90007.redintelligence.net
2 www.googletagservices.com 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
5994599.fls.doubleclick.net
2 api.btloader.com browser.sentry-cdn.com
2 ad-delivery.net www.carousell.com.hk
2 www.facebook.com www.carousell.com.hk
2 a.teads.tv browser.sentry-cdn.com
2 stats.g.doubleclick.net browser.sentry-cdn.com
www.googletagmanager.com
2 wzrkt.com d2r1yp2w7bby2u.cloudfront.net
2 connect.facebook.net www.carousell.com.hk
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.carousell.com.hk
2 sl3-cdn.karousell.com www.carousell.com.hk
1 s.thebrighttag.com
1 beacon.krxd.net
1 eum.instana.io www.parship.de
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 criteo-partners.tremorhub.com
1 simage2.pubmatic.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 e1.emxdgt.com
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 sync.outbrain.com
1 contextual.media.net
1 r.casalemedia.com
1 trf.greatviews.de 1 redirects
1 futalis.de hal900022.redintelligence.net
1 pixel.mathtag.com tags.mathtag.com
1 widget.as.criteo.com
1 sslwidget.criteo.com 1 redirects
1 adservice.google.de securepubads.g.doubleclick.net
1 www.googleadservices.com www.googletagmanager.com
1 mug.criteo.com
1 ad.doubleclick.net www.carousell.com.hk
1 region1.analytics.google.com www.googletagmanager.com
1 api.rlcdn.com browser.sentry-cdn.com
1 match.adsrvr.org browser.sentry-cdn.com
1 app.link cdn.branch.io
1 btloader.com www.googletagmanager.com
1 dynamic.criteo.com www.googletagmanager.com
1 cdn.branch.io www.carousell.com.hk
1 d2r1yp2w7bby2u.cloudfront.net www.carousell.com.hk
1 js-sec.indexww.com mweb-cdn.karousell.com
1 cdn.tercept.com mweb-cdn.karousell.com
1 browser.sentry-cdn.com www.carousell.com.hk
1 accounts.google.com www.carousell.com.hk
294 102
Subject Issuer Validity Valid
*.carousell.com.hk
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-10 -
2023-08-23		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-12 -
2023-06-12		 a year crt.sh
accounts.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-09-28 -
2023-10-30		 a year crt.sh
tercept.com
R3		 2022-12-13 -
2023-03-13		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.branch.io
Amazon		 2022-10-11 -
2023-11-09		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-31 -
2023-01-26		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-09-29 -
2022-12-28		 3 months crt.sh
wzrkt.com
Amazon		 2022-04-06 -
2023-05-05		 a year crt.sh
appipv4.link
Amazon		 2022-05-25 -
2023-06-23		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
www.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
teads.tv
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
api.btloader.com
GTS CA 1D4		 2022-12-18 -
2023-03-18		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
redintelligence.net
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
update.mediamathtag.com
R3		 2022-10-22 -
2023-01-20		 3 months crt.sh
pixel.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-05		 a year crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-05-20 -
2023-05-21		 a year crt.sh
adv.office-partner.de
R3		 2022-11-02 -
2023-01-31		 3 months crt.sh
*.futalis.de
R3		 2022-12-18 -
2023-03-18		 3 months crt.sh
*.webgains.com
Amazon		 2022-06-14 -
2023-07-13		 a year crt.sh
www.awin1.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-18 -
2023-04-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.parship.de
R3		 2022-12-20 -
2023-03-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.webgains.io
Amazon		 2022-08-23 -
2023-09-21		 a year crt.sh
cdn.track.production.webgains.team
Amazon		 2022-09-29 -
2023-10-28		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1		 2022-06-17 -
2023-06-18		 a year crt.sh
*.media.net
DigiCert SHA2 Secure Server CA		 2022-02-20 -
2023-02-22		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.sharethrough.com
Amazon		 2022-07-14 -
2023-08-12		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
itm.ivitrack.com
R3		 2022-12-05 -
2023-03-05		 3 months crt.sh
exchange.mediavine.com
Amazon		 2022-07-06 -
2023-08-04		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.instana.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-17 -
2023-11-17		 a year crt.sh

This page contains 22 frames:

Primary Page: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Frame ID: C21060F8661CA8748759DAC9CA5F5827
Requests: 158 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.carousell.com.hk&origin=onetag
Frame ID: 77E58AE38651B8C4D8B06230B97C283B
Requests: 2 HTTP requests in this frame

Frame: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7B27C77AA734DE1E5FC5A2FDC72475CC
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 8810E84DE60A908765CF944634A1B23C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B1F0DDF4374F658991B81F7F250F1089
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 32A3F2806E2FBB25375467D3E694302A
Requests: 2 HTTP requests in this frame

Frame: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F581EFDA15AC9D541D7A030C4F4D00E2
Requests: 16 HTTP requests in this frame

Frame: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C0E1D985F383D32C94A7CEEDDA226A23
Requests: 32 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: 1ACE60C37D1FDE3F52A89991ED5DEAF9
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWJ4rdeoJ48adI7JEQNOGiBI4R_u55VH56BbdAW-2muyZ3cCgnek1tUZsf9nlpzwTzCbd_eZf244Piw7j1W5SzKnziWLtklxaAGwYZ2svmy1emQ4ZQKemf7bjv4pHmRjYcK2NhWAGTP75UA_Wt4NwdNOLm672YXBI8OIv00Ky-lYBdo6mo
Frame ID: B1D5BC97D9971C6A46D116798C9618EE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F8B4B4DEB1E115CEF27122049D3B03F7
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47327900005071000951403012180022&actionid=981741&produktid=&dt_url=
Frame ID: BA974447445FB2B119FCDF65B0340FF9
Requests: 1 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 107BB225504E48D90438F652E702F532
Requests: 2 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1889065040
Frame ID: 0029E4973FD0685F3D33D9DFFD37C8D9
Requests: 2 HTTP requests in this frame

Frame: https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
Frame ID: 3A6BCA34B53FB6D7470D75CCFBC525DD
Requests: 10 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 983F436EE8735A4F7A1C484F6C7FBC62
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90334400005085904444554012180007&actionid=981741&produktid=&dt_url=
Frame ID: AC47D1B3B7A35A4B83F5087BED35767F
Requests: 1 HTTP requests in this frame

Frame: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
Frame ID: FE6464629421B3482D7E613673EDB94E
Requests: 5 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPOtorLGifwCFYT21QodwZcG7g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061
Frame ID: 6135573FC98873E674D02A793695AB91
Requests: 2 HTTP requests in this frame

Frame: https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
Frame ID: FDC90E230C8AC769A2C3243277D04330
Requests: 9 HTTP requests in this frame

Frame: blob://https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/24cc617b-a43e-43d2-b1cf-b428ff02e290
Frame ID: 4482E935AD56348EE0B9A0809283DA80
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QYPmpNytiZJNmLZkZTD0IvQQvbGOS4i0fIRUvg&expires=30
Frame ID: A134C4F6A048604AB4D051BA7D7E735E
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BRAND NEW YSL COINS BAG, Luxury, Bags & Wallets on Carousell

Detected technologies

Overall confidence: 100%
Detected patterns
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

294
Requests

93 %
HTTPS

39 %
IPv6

70
Domains

102
Subdomains

96
IPs

11
Countries

2806 kB
Transfer

7112 kB
Size

76
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 137
  • https://gum.criteo.com/sid/json?origin=onetag&domain=carousell.com.hk&sn=ChromeSyncframe&so=0&topUrl=www.carousell.com.hk&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=jmq4sXx3cjA5KzE1bjU1eDQxRERKY3p5RHBvOFpiN2ZSejJvaTJKOU9WNXNUcUZMV0ZFblE2aHM0R1BJc3NWS1ArZmhaczgybERGTTN1T1dKYU1xQ1RSdGFObFc3dFZnWjhEN3pTMXMremZONlliMjVNcjdyRlovK0F3RHpSUmJ0NXB1b3M4eDl1WjBCWjJRVjk0c0ZwQ1c5OTlIbG5BUjd4aElWVVIvMFBzUEJuYlhXVC90elcycnRIV1lEOThBaFpTUnNUaTRQOWdNNVl5NmpkVS9aRE9sT20vN3k2ajIyaFpjZ1cwT3FUcTlRdDd5N3pDNFNYSXlSek5PbzA1UjZPc3VBNnlwMGNhVUI5YjBUK2I4QVRWTitVY3lxWmszdjV5MnZXZGpPdTFGWkcvWT18&cppv=2
Request Chain 157
  • https://sslwidget.criteo.com/event?a=78288&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3D127871130&p3=e%3Ddis&adce=1&bundle=zffaYF8zVTJqWTVDbmphcGRWaXVyQ1lORThSamFBbW5oaVVRWjNYYnVJVVVldEFBelU5VElhamw1NGNZR1dIaHptViUyQmJnWVV4RlpmZURwRmxSQ2lxQW5tSklHWSUyRndzSFQ0TGxQNTRPSjV6eFlXJTJGRGdlbWFDZ3h4b1JOUERYUW83a1o4OWJQaXlSbEp5MmpldURmRHgwOXV1VndYZXAxYW5FNmtEcHdIeThvTGU2JTJCZyUzRA&tld=carousell.com.hk&dy=1&fu=https%253A%252F%252Fwww.carousell.com.hk%252Fp%252Fbrand-new-ysl-coins-bag-127871130%252F&dtycbr=12073 HTTP 302
  • https://widget.as.criteo.com/event?a=78288&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3D127871130&p3=e%3Ddis&adce=1&bundle=zffaYF8zVTJqWTVDbmphcGRWaXVyQ1lORThSamFBbW5oaVVRWjNYYnVJVVVldEFBelU5VElhamw1NGNZR1dIaHptViUyQmJnWVV4RlpmZURwRmxSQ2lxQW5tSklHWSUyRndzSFQ0TGxQNTRPSjV6eFlXJTJGRGdlbWFDZ3h4b1JOUERYUW83a1o4OWJQaXlSbEp5MmpldURmRHgwOXV1VndYZXAxYW5FNmtEcHdIeThvTGU2JTJCZyUzRA&tld=carousell.com.hk&dy=1&fu=https%253A%252F%252Fwww.carousell.com.hk%252Fp%252Fbrand-new-ysl-coins-bag-127871130%252F&dtycbr=12073
Request Chain 186
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL1blpNKcuDUs6jGCg37RCc&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL1blpNKcuDUs6jGCg37RCc&google_cver=1&C=1
Request Chain 187
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6JgD9waWPXCBnavnA02SQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGvoOOWOgbGjgmu19lDRUtg&google_cver=1
Request Chain 188
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHt9r4ZmljLiVL__A2OjeC0&google_cver=1
Request Chain 189
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyNTIwNTMyMjA1NzU4MDU2Ng%3D%3D
Request Chain 190
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 201
  • https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPZpjDmCiY9iAKMKL3gPg4o2QAqblvaBprZWcp8kP8C4QASDiw8g8YJWCgICgB8gBCakCY01OGwTUsT6oAwGqBOMBT9CHxCQcujokdsEHIEfqpu3FArGj1-_JiJ8kdcqBSYBigUuI-rPDB76z4kYG6blZ9Y_exkrcaV_5HCNVXdzwApb_EA9GVIn--UawT2qdO1MGxjfnxJEsBWwtap1U4PQHjOsoTKcav-Zxm8p18MqTy9VF9ignadv1LG-sFCIMu1bAm2kGGdHsUrWhgn1JkE1DS0FF4vq0iXdeKVPS5guoSQ5ZBBJcfrozi-FYRf6QL1ib2J_6sRa3Bq4I-9EruLxjLHf1qzAXYiKTn7oXZUbDJwyT6qGX885mVRAur05ni2Ww3o3ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT%26sig%3DAOD64_2tEiSxO5Tyh5h8n4zCBfWnNeCZww%26client%3Dca-pub-3880661451400141%26dbm_c%3DAKAmf-BbPB14GTqjfUCmEjrMd-ZPRkpv8xdPUGg1OjyWoJnA4jjVt856t9LdeaFLLKklRwHtnfopawsrD4weIZe84ebbYZkIv1BBDRpzuZAxs7LoRHUl2YTojwIZ1aApNJnYzkS-pvsitWo0nUAveolEjqL-0Gm7T7PrYgeB3vd2aMudi9_TdGc%26cry%3D1%26dbm_d%3DAKAmf-BOb8pLG41W3sAzOwnR8yWbbc8nZO-Du4FEFpMoVkdwtjOGqnsLK5_FNgDoNHk-ZAtjhqeVWwMsKB09b5s9op1gTwt-byeOvsIskLS3NjjCQrZ8q7OTgqPeP4TdFQqO7hhTGk-hvWwsF3kl1gLkl17Gil6XAIQb61sUShyq-OIA7MBKqC9iTL8F3BC4P0cBs6AYKI4H6DO3O0dc4akgh_wVwz6RKuOiUBcmyV89bDovDAjNeN9hMYriCzYUBVHrPHpxAniIYuADE3E0q6dpIDBKD3mQOtt60Ss8L0GefM3hI6_ADq_v4Nx4UZ9uh97YfXSaZMoW7CftN5uLEMbDOVIuPweyrtWSMPdMMeoCZqn_I77Q5rTbjxmXpStgIXWVoIYUz3l70AXyAxwEJk01o3RYfIhKXMHduOpTUWpgkoCNUpb7p4POXb6RuH3aARJxIIDWi7ke1VQbCPNEN2FutYS_mBhArde0XMXW07-FDD1KEGIBCos5hD5fi-putHju_xFfTbwoOPFfICtB00RKlnKI-PppWfJ6s9xYNQEa-Z9rzGkD9G6f1rehFPDN3wvCqHf3PzXLI77sHRiZac6Q6CxaNSKF7w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.carousell.com.hk%2F&ancestorOrigins=https%3A%2F%2Fwww.carousell.com.hk&random=2665032489694&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPZpjDmCiY9iAKMKL3gPg4o2QAqblvaBprZWcp8kP8C4QASDiw8g8YJWCgICgB8gBCakCY01OGwTUsT6oAwGqBOMBT9CHxCQcujokdsEHIEfqpu3FArGj1-_JiJ8kdcqBSYBigUuI-rPDB76z4kYG6blZ9Y_exkrcaV_5HCNVXdzwApb_EA9GVIn--UawT2qdO1MGxjfnxJEsBWwtap1U4PQHjOsoTKcav-Zxm8p18MqTy9VF9ignadv1LG-sFCIMu1bAm2kGGdHsUrWhgn1JkE1DS0FF4vq0iXdeKVPS5guoSQ5ZBBJcfrozi-FYRf6QL1ib2J_6sRa3Bq4I-9EruLxjLHf1qzAXYiKTn7oXZUbDJwyT6qGX885mVRAur05ni2Ww3o3ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT%26sig%3DAOD64_2tEiSxO5Tyh5h8n4zCBfWnNeCZww%26client%3Dca-pub-3880661451400141%26dbm_c%3DAKAmf-BbPB14GTqjfUCmEjrMd-ZPRkpv8xdPUGg1OjyWoJnA4jjVt856t9LdeaFLLKklRwHtnfopawsrD4weIZe84ebbYZkIv1BBDRpzuZAxs7LoRHUl2YTojwIZ1aApNJnYzkS-pvsitWo0nUAveolEjqL-0Gm7T7PrYgeB3vd2aMudi9_TdGc%26cry%3D1%26dbm_d%3DAKAmf-BOb8pLG41W3sAzOwnR8yWbbc8nZO-Du4FEFpMoVkdwtjOGqnsLK5_FNgDoNHk-ZAtjhqeVWwMsKB09b5s9op1gTwt-byeOvsIskLS3NjjCQrZ8q7OTgqPeP4TdFQqO7hhTGk-hvWwsF3kl1gLkl17Gil6XAIQb61sUShyq-OIA7MBKqC9iTL8F3BC4P0cBs6AYKI4H6DO3O0dc4akgh_wVwz6RKuOiUBcmyV89bDovDAjNeN9hMYriCzYUBVHrPHpxAniIYuADE3E0q6dpIDBKD3mQOtt60Ss8L0GefM3hI6_ADq_v4Nx4UZ9uh97YfXSaZMoW7CftN5uLEMbDOVIuPweyrtWSMPdMMeoCZqn_I77Q5rTbjxmXpStgIXWVoIYUz3l70AXyAxwEJk01o3RYfIhKXMHduOpTUWpgkoCNUpb7p4POXb6RuH3aARJxIIDWi7ke1VQbCPNEN2FutYS_mBhArde0XMXW07-FDD1KEGIBCos5hD5fi-putHju_xFfTbwoOPFfICtB00RKlnKI-PppWfJ6s9xYNQEa-Z9rzGkD9G6f1rehFPDN3wvCqHf3PzXLI77sHRiZac6Q6CxaNSKF7w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.carousell.com.hk%2F&ancestorOrigins=https%3A%2F%2Fwww.carousell.com.hk&random=2665032489694&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 203
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=47327900005071000951403012180022&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47327900005071000951403012180022&actionid=981741&produktid=&dt_url=
Request Chain 205
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=47327900005071000951403012180022&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1889065040
Request Chain 208
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47327900005071000951403012180022 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47327900005071000951403012180022 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 219
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=90334400005085904444554012180007&t=htlp HTTP 302
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90334400005085904444554012180007&actionid=981741&produktid=&dt_url=
Request Chain 220
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=90334400005085904444554012180007&pv=1 HTTP 302
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ HTTP 302
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
Request Chain 222
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPOtorLGifwCFYT21QodwZcG7g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061
Request Chain 224
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=90334400005085904444554012180007 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=90334400005085904444554012180007 HTTP 302
  • https://ad-server.eu/wm/pb/native.png
Request Chain 248
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-QYPmpNytiZJNmLZkZTD0IvQQvbGOS4i0fIRUvg&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QYPmpNytiZJNmLZkZTD0IvQQvbGOS4i0fIRUvg&expires=30
Request Chain 249
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-M8GRA9ytiZJNmLZkZTD0IvQQvbGjI4xUx6bZpw&google_cm&google_hm=ay1NOEdSQTl5dGlaSk5tTFprWlREMEl2UVF2YkdqSTR4VXg2Ylpwdw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M8GRA9ytiZJNmLZkZTD0IvQQvbGjI4xUx6bZpw&google_gid=CAESEGXBNnAK6ozWBLAt8ECt4n8&google_cver=1&google_ula=913071,0
Request Chain 250
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4525205322057580566
Request Chain 252
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-7GcJxdytiZJNmLZkZTD0IvQQvbHTLpWz9vQ4GQ HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-7GcJxdytiZJNmLZkZTD0IvQQvbHTLpWz9vQ4GQ
Request Chain 261
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-pDnHSNytiZJNmLZkZTD0IvQQvbHQOioivWNVJQ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-pDnHSNytiZJNmLZkZTD0IvQQvbHQOioivWNVJQ&verify=true
Request Chain 265
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=q_r8xqRkclu5vlwzVqiKlIyvtZwGGq9e HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=q_r8xqRkclu5vlwzVqiKlIyvtZwGGq9e
Request Chain 282
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=1tvcODphhTnI_Ij_A-_Azu8mHrg8KhTO
Request Chain 289
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=LdeBhD81TJttoiIbIcZDLDlRSeOcPLNF

294 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/ 		844 KB
129 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
93a16e164f3892d15051c3eeaf4947ab73691953fe0f4d25256300c6d698015e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' support.carousell.com
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
77cccfebca9c903d-FRA
content-encoding
gzip
content-security-policy
default-src * data: blob: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' support.carousell.com
content-type
text/html; charset=utf-8
date
Wed, 21 Dec 2022 01:23:24 GMT
server
cloudflare
vary
Accept-Encoding
via
1.1 google
x-envoy-upstream-service-time
350
x-frame-options
SAMEORIGIN
x-powered-by
Express
location-marker-3oFjIUvG4o.svg
mweb-cdn.karousell.com/build/ 		512 B
884 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/location-marker-3oFjIUvG4o.svg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e4b356ed10775a6dd80fa9ee1a0532202a92a7bafe32a25c8f14f40bf9cea94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:24 GMT
content-encoding
br
cf-cache-status
HIT
age
2148208
x-guploader-uploadid
ADPycdvOizMi-BR-5Z1d3PAfwzRtICGG_B9BYRrA0dNR2yrPKUlltWdTCM-kqAgnOXHhaBmNTmLjB4NtifTIb_16803lSrh3wOm_
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 28 Oct 2022 14:00:08 GMT
server
cloudflare
etag
W/"679e564cf4be363477f497e1d279ff22"
vary
Accept-Encoding
x-goog-hash
crc32c=EPQ/hw==, md5=Z55WTPS+NjR39Jfh0nn/Ig==
x-goog-generation
1666965608439387
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
512
cf-ray
77cccff11bfd9162-FRA
expires
Thu, 22 Dec 2022 01:23:24 GMT
carousell-logo-title-2Nnf7YFiNk.svg
mweb-cdn.karousell.com/build/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/carousell-logo-title-2Nnf7YFiNk.svg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a69f1c6b3b80945f66315393b52339b554fe8d4e82a3980703671cf2a41367

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:24 GMT
content-encoding
br
cf-cache-status
HIT
age
1876662
x-guploader-uploadid
ADPycdtLQpc4gHCGEHWqBkImzg17wUa5reRb81g4S3LNM4MmuZDhXLgK7boNbR_3LedJWwljOqD8TYdyMF_XSkbz_PU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 25 Jan 2022 07:37:16 GMT
server
cloudflare
etag
W/"7fe2f1e345225ff35ba8fd400b765ff7"
vary
Accept-Encoding
x-goog-hash
crc32c=3kRs9w==, md5=f+Lx40UiX/NbqP1AC3Zf9w==
x-goog-generation
1636709081914176
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
3839
cf-ray
77cccff11bfa9162-FRA
expires
Thu, 22 Dec 2022 01:23:24 GMT
brand_new_ysl_coins_bag_1505578597_87e3f701.jpg
media.karousell.com/media/photos/products/2017/09/17/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.karousell.com/media/photos/products/2017/09/17/brand_new_ysl_coins_bag_1505578597_87e3f701.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bfb47592fdad4e81d9c3ba431aff9b0c93bce6d2cc8ebc5c0661048be4a3bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsPvMmW0ma3eBz4ELyMdMx6qF6SXTNy5VCw5ISl0U1pL8G1C79fyVtoBLLonolyf8RdC6KQ85RmU6TsLsl7c6on_g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
99071
last-modified
Wed, 25 Oct 2017 06:14:18 GMT
server
cloudflare
etag
"7a70d347d9d148a0b4352a6403df8e01"
vary
Accept-Encoding
x-goog-generation
1508912058802913
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=ATGWKQ==, md5=enDTR9nRSKC0NSpkA9+OAQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
99071
accept-ranges
bytes
cf-ray
77cccff13eec8ff2-FRA
expires
Wed, 21 Dec 2022 02:23:25 GMT
brand_new_ysl_coins_bag_1505578597_d4077af7.jpg
media.karousell.com/media/photos/products/2017/09/17/ 		106 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.karousell.com/media/photos/products/2017/09/17/brand_new_ysl_coins_bag_1505578597_d4077af7.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdec40313a1d6ef4b65499738364ed1f2956f9a9650e090429dd6bf206bf3a21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdt9w0uZM9RIKlOipSt5lBmm-u4yLuAyMJQpR2yCdSzkHhOHZNA7i10l52j8n0tdZ_URpwc1Y4CbMdkgZnOQuyWtgA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
108158
last-modified
Wed, 25 Oct 2017 05:32:02 GMT
server
cloudflare
etag
"7e7ac1d2a5c2914e18ca8b0fd043ee88"
vary
Accept-Encoding
x-goog-generation
1508909522557151
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=U6YILQ==, md5=fnrB0qXCkU4YyosP0EPuiA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
108158
accept-ranges
bytes
cf-ray
77cccff13eed8ff2-FRA
expires
Wed, 21 Dec 2022 02:23:25 GMT
brand_new_ysl_coins_bag_1505578598_57f24bc2.jpg
media.karousell.com/media/photos/products/2017/09/17/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.karousell.com/media/photos/products/2017/09/17/brand_new_ysl_coins_bag_1505578598_57f24bc2.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99c97bfb86ec50068d59b003416a3c07412dc4cbf1ed41f5c78bf5cf028c1549

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtNrGYovoOtdGpG3TwRv0_iT-nfMwa5VylGNybSCOeMifBq8pcUTN90qjNiGVFL4zJLPriNFdNpBcAbahhcyg1gbQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85311
last-modified
Wed, 25 Oct 2017 06:14:18 GMT
server
cloudflare
etag
"3e0ecb56b19bda1d39f4b763d5d755a8"
vary
Accept-Encoding
x-goog-generation
1508912058811909
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=n56v3w==, md5=Pg7LVrGb2h059Ldj1ddVqA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
85311
accept-ranges
bytes
cf-ray
77cccff13eee8ff2-FRA
expires
Wed, 21 Dec 2022 02:23:25 GMT
brand_new_ysl_coins_bag_1505578598_aed88079.jpg
media.karousell.com/media/photos/products/2017/09/17/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.karousell.com/media/photos/products/2017/09/17/brand_new_ysl_coins_bag_1505578598_aed88079.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
730729f93fbe079457c35ef8389427350e92c430f1da0169f9c9cfb62ec243dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsSU2kkWL07C9qrAyqh3Vxhw9FwRltjmL72m1g0rAgtQgjp8koA8zpS03qG2qXGMrCj3W0TNZ8AINvRgddGXUVuaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
89414
last-modified
Wed, 25 Oct 2017 06:16:05 GMT
server
cloudflare
etag
"579534481d381a65879c18d7d3f72ea4"
vary
Accept-Encoding
x-goog-generation
1508912165336110
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=8iVdJQ==, md5=V5U0SB04GmWHnBjX0/cupA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
89414
accept-ranges
bytes
cf-ray
77cccff13eef8ff2-FRA
expires
Wed, 21 Dec 2022 02:23:25 GMT
condition_v4_1.svg
sl3-cdn.karousell.com/components/ 		1 KB
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sl3-cdn.karousell.com/components/condition_v4_1.svg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
325f2088f991f5739b946bf31744eb3bc524c01adde0590671c5939a3dc2c2f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
1679729
x-guploader-uploadid
ADPycds2mgz3JJId3EDxp7zXS1IKafHxdhAlisHRruWqXX4vbx-MQVE-7xElN-Xw-33Su4CuiCpjUdBQqKfYWl8RFGpDN-jOnw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 07 Aug 2019 04:58:16 GMT
server
cloudflare
etag
W/"c123260bd6d6de7da3824d3e94e6e4b3"
vary
Accept-Encoding
x-goog-hash
crc32c=MCmk8w==, md5=wSMmC9bW3n2jgk0+lObksw==
x-goog-generation
1565153896178726
content-type
image/svg+xml
cache-control
public, max-age=86400
x-goog-stored-content-length
1332
cf-ray
77cccff1388b68ef-FRA
expires
Thu, 22 Dec 2022 01:23:24 GMT
location_v4_1.svg
sl3-cdn.karousell.com/components/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sl3-cdn.karousell.com/components/location_v4_1.svg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e86f42a5a355c36f087b40105a9cbd0d7c6998d37a4c89d6b87260dcde3b863d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:24 GMT
content-encoding
br
cf-cache-status
HIT
age
1876607
x-guploader-uploadid
ADPycduk6Yk7vdtlVkfUN93hHwksiWqIxAp643jcO0zpH4cqIp71lRhzQOds0j1yz9bRKWya8ETQ7vY9WepKf8wyQ96JZkwCHg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 07 Aug 2019 04:58:21 GMT
server
cloudflare
etag
W/"66f5e63eb480bc400f0e64b2a2c5715c"
vary
Accept-Encoding
x-goog-hash
crc32c=YkUvOQ==, md5=ZvXmPrSAvEAPDmSyosVxXA==
x-goog-generation
1565153901695511
content-type
image/svg+xml
cache-control
public, max-age=86400
x-goog-stored-content-length
2156
cf-ray
77cccff1388f68ef-FRA
expires
Thu, 22 Dec 2022 01:23:24 GMT
vtholic_1449653340.jpg
media.karousell.com/media/photos/profiles/2015/12/09/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.karousell.com/media/photos/profiles/2015/12/09/vtholic_1449653340.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cbca4f8a00bc085f2329559cc484ab00771755f679578a31b30c6c2312b88ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdsxtJ2bhyXWjDZgDcjmpbE2ZRN7pElj0Z5Z97GpQCs9CsZdMAIbC7qhRS3IYPhmjMmV9jXeK3tFSsz_evXmBcxSzw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27718
last-modified
Thu, 19 Oct 2017 22:47:04 GMT
server
cloudflare
etag
"03b7c0b4420fc3d452b57a7a2fdede4c"
vary
Accept-Encoding
x-goog-generation
1508453224120577
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=Xw84Sg==, md5=A7fAtEIPw9RStXp6L97eTA==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
27718
accept-ranges
bytes
cf-ray
77cccff13ef08ff2-FRA
expires
Wed, 21 Dec 2022 02:23:25 GMT
verification-email-QvlRIiMUCh.svg
mweb-cdn.karousell.com/build/ 		767 B
811 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/verification-email-QvlRIiMUCh.svg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
312a8901042e770134d80045ffb474f3e242ab4d5124e4f4c7d6ac839db8fe27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:24 GMT
content-encoding
br
cf-cache-status
HIT
age
1316691
x-guploader-uploadid
ADPycdtVfS6DXP4um8rHHRSONquIFxk_Q2fI2LCCYNf8lElc6PuugQke3PRu1t4oA55CnytOK-4f2clQ81pGGkmwqayVmdxezA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 28 Feb 2022 08:26:10 GMT
server
cloudflare
etag
W/"99f2b7c4157270fb8d21e3141f8895b8"
vary
Accept-Encoding
x-goog-hash
crc32c=zmWo8Q==, md5=mfK3xBVycPuNIeMUH4iVuA==
x-goog-generation
1643096234096048
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
767
cf-ray
77cccff11bff9162-FRA
expires
Thu, 22 Dec 2022 01:23:24 GMT
annchichichi_1495276986.jpg
media.karousell.com/media/photos/profiles/2017/05/20/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.karousell.com/media/photos/profiles/2017/05/20/annchichichi_1495276986.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45ae1d9448bfd1ef3251d46f3e59149d609697ac7d40a414c17b799476aac1a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdshi_vrXN-y06KeYZCWTDYfO9rFmWvFC0nJVC8aVZ90DKDFgTrzt2ohIbUSzFvN2zC6GXcwG0Z0giQKTMxL5LTLLA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6110
last-modified
Thu, 19 Oct 2017 20:33:03 GMT
server
cloudflare
etag
"ce5f040cb18896ba54df905605874601"
vary
Accept-Encoding
x-goog-generation
1508445183490664
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=DWpVrQ==, md5=zl8EDLGIlrpU35BWBYdGAQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
6110
accept-ranges
bytes
cf-ray
77cccff14efe8ff2-FRA
expires
Wed, 21 Dec 2022 02:23:25 GMT
hapiwomen_1511357186.jpg
media.karousell.com/media/photos/profiles/2017/11/22/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.karousell.com/media/photos/profiles/2017/11/22/hapiwomen_1511357186.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a005e6569096e1a1d224a2664864f41f35b4b5668481666dcc73c94e15679266

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycdtYSxj-q_vqUC8OX0RqNaWPD116ABAlfBRNiWQeBdtRUS3p3Pt4WEla0QlkED7M7zRBMpGmYBC5nQwJ6ampMCjovg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6015
last-modified
Wed, 22 Nov 2017 13:26:27 GMT
server
cloudflare
etag
"a45857995e8fa0272111ca8e0f0b2507"
vary
Accept-Encoding
x-goog-generation
1511357187180777
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=+gT8Hw==, md5=pFhXmV6PoCchEcqODwslBw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
6015
accept-ranges
bytes
cf-ray
77cccff14eff8ff2-FRA
expires
Wed, 21 Dec 2022 02:23:25 GMT
sincerely.t_1501924448.jpg
media.karousell.com/media/photos/profiles/2017/08/05/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.karousell.com/media/photos/profiles/2017/08/05/sincerely.t_1501924448.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f653 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3758a7e5188ec434e27be19c84b412d008beb8a390c8e2e3b2d2675a453f1bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
MISS
x-guploader-uploadid
ADPycds5pItaw0G2mUBoHVqnHpEAZtFOZREFZxLPmI_dEM_tlL2uEWvWxs1Mw47XCkG8VQgdbGPwn2NoHJ2YiyXF7iEzlg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5419
last-modified
Thu, 19 Oct 2017 22:39:33 GMT
server
cloudflare
etag
"a7ecc0958ce3f45dae6e2cad9df5cb4b"
vary
Accept-Encoding
x-goog-generation
1508452773835147
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=bZVgfw==, md5=p+zAlYzj9F2ubiytnfXLSw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5419
accept-ranges
bytes
cf-ray
77cccff14f008ff2-FRA
expires
Wed, 21 Dec 2022 02:23:25 GMT
truncated
/ 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c5c8f601894574f67d1f3f251d0de06878a30b14849765377ae5d39adf2fc44d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
flag-au-1Vu2Ly0cBR.jpg
mweb-cdn.karousell.com/build/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/flag-au-1Vu2Ly0cBR.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3c381ed7cdf2086919f9b5690079aa8286679b4fd512bfd87dd42be2eea24bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:24 GMT
cf-cache-status
HIT
age
449693
cf-polished
qual=85, origFmt=jpeg, origSize=2786
x-guploader-uploadid
ADPycdsROQZ6kHHiqqb0RxcjfAgYKJVZgypnOmUfY-KP3TWMuFydSlPA0pguTHWR4xonegR9HY_MGtw71TmGjzm-3x02lQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="flag-au-1Vu2Ly0cBR.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1034
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Dec 2022 05:15:11 GMT
server
cloudflare
etag
"c094de0255f3087b0269c7a4f7929b59"
vary
Accept
x-goog-generation
1670385356878900
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=YYmK2w==, md5=wJTeAlXzCHsCacek95KbWQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
2786
accept-ranges
bytes
cf-ray
77cccff13c469162-FRA
expires
Thu, 22 Dec 2022 01:23:24 GMT
flag-ca-3zQT2z3CIo.jpg
mweb-cdn.karousell.com/build/ 		904 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/flag-ca-3zQT2z3CIo.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3a9d311d77d8bc61e6466b03226ea7595eb087c895c24401338c21ed7e4e38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
HIT
age
455821
cf-polished
qual=85, origFmt=jpeg, origSize=2651
x-guploader-uploadid
ADPycdv7PgWxQiMTVANoibYaaEN6_qeeRqEBhYh9sfP6wB-yeLYQQ93H7vlZ-0u5Q9fsTTiJFhlciv4-Tc3jQE1nYOKwf_94UO9H
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="flag-ca-3zQT2z3CIo.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
904
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Dec 2022 05:15:15 GMT
server
cloudflare
etag
"690717abdea48bc0c83ab8ff2b18c566"
vary
Accept
x-goog-generation
1671081315312689
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=29jkRw==, md5=aQcXq96ki8DIOrj/KxjFZg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
2651
accept-ranges
bytes
cf-ray
77cccff13c489162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
flag-hk-1Fq4xKBpW1.jpg
mweb-cdn.karousell.com/build/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/flag-hk-1Fq4xKBpW1.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d79e199e083a1a82dd3f32be9907a8b5d6e2c2eec926cd2445bebd8e4a530255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
HIT
age
449894
cf-polished
qual=85, origFmt=jpeg, origSize=2947
x-guploader-uploadid
ADPycdvs96BoWZBaaw4W-IPey6FWsGYleHVRybeYIjkxgwJPs3Pa8kxIbuRgyspavyxVlHXuwwK3pVfnyy-L41MA-2qPFQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="flag-hk-1Fq4xKBpW1.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1188
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Dec 2022 05:15:17 GMT
server
cloudflare
etag
"eed8ab38d0d0c8e4861fe93acdcfc805"
vary
Accept
x-goog-generation
1670579364421824
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=ItHhFg==, md5=7tirONDQyOSGH+k6zc/IBQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
2947
accept-ranges
bytes
cf-ray
77cccff13c499162-FRA
expires
Thu, 22 Dec 2022 01:23:24 GMT
flag-id-3hB56YEmaV.jpg
mweb-cdn.karousell.com/build/ 		524 B
955 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/flag-id-3hB56YEmaV.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4a158eeb5dc7db4add5c7f06477ecd06bc77c8b505492109ea60598ce8d05eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
HIT
age
454456
cf-polished
qual=85, origFmt=jpeg, origSize=1883
x-guploader-uploadid
ADPycdsniX8dr0XJAevjja9k_mGncI_ri3_AyRpb6YEpwg9goSVrKsHYzoa4kyZJFPlEKMIwUG1-UmxVIp7jDe_VwIM5_uO4ZoPu
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="flag-id-3hB56YEmaV.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
524
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Dec 2022 05:15:09 GMT
server
cloudflare
etag
"fe11364f09198c36993c435046d70f23"
vary
Accept
x-goog-generation
1670413921485869
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=ZtipUA==, md5=/hE2TwkZjDaZPENQRtcPIw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
1883
accept-ranges
bytes
cf-ray
77cccff13c4b9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
flag-my-GKdsVkW7Qq.jpg
mweb-cdn.karousell.com/build/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/flag-my-GKdsVkW7Qq.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc31b1328d6c7b1703ed71d30deae52dabf39b639cad2c278ad9d9dd825b214a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
HIT
age
455179
cf-polished
qual=85, origFmt=jpeg, origSize=2874
x-guploader-uploadid
ADPycds6nWQf4b-iu24I0NUJumbyzPFnWYO1c1yQzD87blTh6QV_CAW1exEZfcrEbQMk7M1Wg9c7pj6wHHPET9oBguByUg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="flag-my-GKdsVkW7Qq.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1206
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Dec 2022 05:15:20 GMT
server
cloudflare
etag
"dc0174229a57fd348d854cbdac582240"
vary
Accept
x-goog-generation
1670579375668276
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=McNOMA==, md5=3AF0IppX/TSNhUy9rFgiQA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
2874
accept-ranges
bytes
cf-ray
77cccff13c4c9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
flag-nz-24qlj462lw.jpg
mweb-cdn.karousell.com/build/ 		988 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/flag-nz-24qlj462lw.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c95f69a643b3790b19b636796a8d975416e0502eb4b41d7d15e2e1e21f43b89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
HIT
age
455422
cf-polished
qual=85, origFmt=jpeg, origSize=2680
x-guploader-uploadid
ADPycdtUbGXnRFhdqz0hj0ArwNU6UCTDivoUpW69JMoV4z9-M6XrDmh4hQcg_Dgg7Pvw3MwV8aOGO5Ef_-IjM8gFlUmMHQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="flag-nz-24qlj462lw.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
988
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Dec 2022 05:15:21 GMT
server
cloudflare
etag
"ce76221d08d97c0c3ce03278eedec756"
vary
Accept
x-goog-generation
1670579369492773
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=ATDong==, md5=znYiHQjZfAw84DJ47t7HVg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
2680
accept-ranges
bytes
cf-ray
77cccff13c4d9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
flag-ph-cYUSK6Hapb.jpg
mweb-cdn.karousell.com/build/ 		880 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/flag-ph-cYUSK6Hapb.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d57ea584b19c22aef6bad554d80710e06fd81c90c14b1165d5cf95334413e8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
HIT
age
455822
cf-polished
qual=85, origFmt=jpeg, origSize=2490
x-guploader-uploadid
ADPycdtwoUHj1d1j0KPSwrPcUgMgcXSJ7wvFkZxMqcN4rP17tH6hd_wsCj_1ewgauSPiaPNTft6W4K0Dgz9WMA4s7NRqB-Cm1W6H
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="flag-ph-cYUSK6Hapb.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
880
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Dec 2022 05:15:16 GMT
server
cloudflare
etag
"30ab4a33b8d84b5587dd1c1bed8a873b"
vary
Accept
x-goog-generation
1670579365914776
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=yfhlbg==, md5=MKtKM7jYS1WH3Rwb7YqHOw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
2490
accept-ranges
bytes
cf-ray
77cccff13c4e9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
flag-sg-3PPSOjFS5a.jpg
mweb-cdn.karousell.com/build/ 		794 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/flag-sg-3PPSOjFS5a.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8b99470967243bef5d592390c2c693bdb43e051fb12b73e2700dc1a2f7ed9fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
HIT
age
449452
cf-polished
qual=85, origFmt=jpeg, origSize=2239
x-guploader-uploadid
ADPycdu2dncGrkCPo2HYi1V_FTyXNsldMi4s24rzcJ1A1ga1QrZs_V3gb64M_uz6BcX5IdFBKYmnAp_U5CnSL5H5aIludg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="flag-sg-3PPSOjFS5a.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
794
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Dec 2022 05:15:04 GMT
server
cloudflare
etag
"db4234069d2c6bf8768b18da7f91f10e"
vary
Accept
x-goog-generation
1670579376759338
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=JQAXDw==, md5=20I0Bp0sa/h2ixjaf5HxDg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
2239
accept-ranges
bytes
cf-ray
77cccff13c509162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
flag-tw-6cZEDUfY6q.jpg
mweb-cdn.karousell.com/build/ 		734 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mweb-cdn.karousell.com/build/flag-tw-6cZEDUfY6q.jpg
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff252c24b32aa7ee418051e6a35c58d68b9d5827d4584818ddfc1fe3fc6019e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
cf-cache-status
HIT
age
459577
cf-polished
qual=85, origFmt=jpeg, origSize=2286
x-guploader-uploadid
ADPycdv8iftxlWXjQ9miQG5m1n-EmMK9WrC_mWTo1_i6wy3qFOoDEgN7HAyzZ0I65NeYYNn6ejiitXXYerTRbs_-CxRNQa5yZA2i
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-disposition
inline; filename="flag-tw-6cZEDUfY6q.webp"
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
734
cf-bgj
imgq:85,h2pri
last-modified
Thu, 15 Dec 2022 05:15:08 GMT
server
cloudflare
etag
"ae719733baf090f016f6dd297aa71c2b"
vary
Accept
x-goog-generation
1670579369505807
content-type
image/webp
access-control-allow-origin
*
x-goog-hash
crc32c=ZaetpA==, md5=rnGXM7rwkPAW9t0peqccKw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
2286
accept-ranges
bytes
cf-ray
77cccff13c529162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
cbec428c24961ea0e14d.min.js
mweb-cdn.karousell.com/build/ 		413 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/cbec428c24961ea0e14d.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d6bffcd621fef78af8c8676c25a006bb6813af12bd0aa005aeb7bd7203f8331

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501006
x-guploader-uploadid
ADPycdsBL5kRX9nzgUQWsv8fEVRihkwkJC-_Z5mUGJqW9WbEaXFPamr0pX4WvqFd8jLazzFCa1NhpZXOBlEmuZmww3Xb6kOfE_cP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:03 GMT
server
cloudflare
etag
W/"aa347c69c8d7dca9a153f149e73517af"
vary
Accept-Encoding
x-goog-generation
1671081303867719
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=rtm02w==, md5=qjR8acjX3KmhU/FJ5zUXrw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
423316
cf-ray
77cccff38ffa9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
986ea0814d518faa717d.min.js
mweb-cdn.karousell.com/build/ 		314 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/986ea0814d518faa717d.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b75e862b07ce8e50a68ca70cca0a15dd3499dd21392794875e18256dc72705f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501006
x-guploader-uploadid
ADPycdsxAEoLiDAXzZa4rznqw2SIaDNAeYxb9nb51zDwrOnNRqteZELswcXPTvzsWUL4pBe9upFLBSpFJRxBfBybTVhrTgpAgiZe
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:10 GMT
server
cloudflare
etag
W/"2314d9b633b7a9be5b8d63e7d3f64eb9"
vary
Accept-Encoding
x-goog-generation
1671081310272232
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=gUrNDA==, md5=IxTZtjO3qb5bjWPn0/ZOuQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
321517
cf-ray
77cccff38ffb9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
0201058089e9c1e99ec9.min.js
mweb-cdn.karousell.com/build/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/0201058089e9c1e99ec9.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3823531671aebb38e46f0e1472f31401885bcdc24fab82cdbf585d62ca7bd03f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501004
x-guploader-uploadid
ADPycdvKOokbEPvsc2xHbBKLNv4B1-jzD8qICZA-0HRKCXqmL5kKNJuV1wpCgL9y6_2sqbXjrTBoN8Y6Dr02lbAl4ceK_BKnSjLJ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:10 GMT
server
cloudflare
etag
W/"74ec2879450089414adbbfff24b29a17"
vary
Accept-Encoding
x-goog-generation
1671081309987194
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=G+LS0w==, md5=dOwoeUUAiUFK27//JLKaFw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
3361
cf-ray
77cccff39ffc9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
4d94126bb9f9f674cbce.min.js
mweb-cdn.karousell.com/build/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/4d94126bb9f9f674cbce.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
984ff5267ed0fb5492cbdcfbdf8746979337a78deb7f7e4c1939f367beaba35a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501006
x-guploader-uploadid
ADPycds1cDd8GxOCb4Z8pYnQggnqaaTUyGZvSodKwKrvI-ipPqt0GRafrdVrdGmv89C_9rhlHeLaHJdzaBCF8RW2LSQkrcGeeliW
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:10 GMT
server
cloudflare
etag
W/"a12df991673d8f94599bdef0cb1cc794"
vary
Accept-Encoding
x-goog-generation
1671081310046888
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=9K58Tg==, md5=oS35kWc9j5RZm97wyxzHlA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
7326
cf-ray
77cccff39ffe9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
06ee22971ae74fea7bde.min.js
mweb-cdn.karousell.com/build/ 		247 B
455 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/06ee22971ae74fea7bde.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2e69728a3eec972528637ad27347ae5abe392a63a286288dc696a3bfe84ef44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501004
x-guploader-uploadid
ADPycdt6p7gZjgY-4aeWeCv2rhMevT2x1G-yjrQJx6XOjZgnQtgy79-3tv-yyIhXiQuhqJDpZKt9jR_4y0rkn4Qrd9a4RgvNx39v
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:27 GMT
server
cloudflare
etag
W/"08bd9565c77624df3f513f9ac7de6553"
vary
Accept-Encoding
x-goog-generation
1671081327422122
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=GDttjA==, md5=CL2VZcd2JN8/UT+ax95lUw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
247
cf-ray
77cccff398039162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
aaa61158f0666739145e.min.js
mweb-cdn.karousell.com/build/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/aaa61158f0666739145e.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
906fca4c18701acc18bb2df751c0711264095f2a678a85d6a60f8bf8544708ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501004
x-guploader-uploadid
ADPycdvIUAGESUeAZut2OMzPEhR1TbYZReqnJoSFHG9r_dcHfUIm11Y16gabKw_jLHlD0JDccQAWdT2wq-6B8026fCOEcKAQEpkU
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:04 GMT
server
cloudflare
etag
W/"dad3aa19a482a48e711abdc10e0b3c40"
vary
Accept-Encoding
x-goog-generation
1671081304244934
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ovf5fQ==, md5=2tOqGaSCpI5xGr3BDgs8QA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
3402
cf-ray
77cccff398049162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
65e207df615922936a76.min.js
mweb-cdn.karousell.com/build/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/65e207df615922936a76.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bf0e9c69a9d655d6bbe80f469b9b9a59d1ae85e4fc9bef68c0f40b46278a225

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501004
x-guploader-uploadid
ADPycdtt1726bKITigmzY7oaeFBvMVdJ3FAfCiNV7w7lsy6pAYK0TdInqoDR-zxsKnJmRAJInJZUdq44tgr5aTAos_9BhRYFqvsG
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:12 GMT
server
cloudflare
etag
W/"9f81e1352bccc175c6eca237f3fdc46e"
vary
Accept-Encoding
x-goog-generation
1671081312754357
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=zPRy7w==, md5=n4HhNSvMwXXG7KI38/3Ebg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
10138
cf-ray
77cccff398059162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
26e3181dabdb20acf684.min.js
mweb-cdn.karousell.com/build/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/26e3181dabdb20acf684.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbe8c4a4270e631a97fd64b304b9926834c9b89971573ec2c119c3e05925fc73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501004
x-guploader-uploadid
ADPycdsemRZyXPaffe6Zr1vtI6e16LIpzhFGUsfsizgi1NiMdeBUNaCZIYFXIyK3GahVvPBbrTo448Ci6qu_EIS4yo3ZnA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:24 GMT
server
cloudflare
etag
W/"aaf13bbd296e5dcc5267bd6f16d2f780"
vary
Accept-Encoding
x-goog-generation
1671081324416946
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=AUCDxg==, md5=qvE7vSluXcxSZ71vFtL3gA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
4025
cf-ray
77cccff398069162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
0619b0453dcefa3343b4.min.js
mweb-cdn.karousell.com/build/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/0619b0453dcefa3343b4.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e33629c95618288f313b1eb8acfe58ba60a75b2a3c78bf48bf3e010a6978cc13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501001
x-guploader-uploadid
ADPycdvBIleoMeUlX8_Kh3lGiK7tG6aKkPRHeuZd2zO-GoPxZWLvPfOjVxzDOc-0ETicAy-0wGvVOo-htgxMiKwsIg_ZpRYfD-Lc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:21 GMT
server
cloudflare
etag
W/"995b0f9d5f4a00b543f689bacc6e9733"
vary
Accept-Encoding
x-goog-generation
1671081321323634
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=JtLskw==, md5=mVsPnV9KALVD9om6zG6XMw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
11894
cf-ray
77cccff398079162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
9f7757d6b7aefb50c447.min.js
mweb-cdn.karousell.com/build/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/9f7757d6b7aefb50c447.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667df766b6af46a53f512eb0747e320357a0da0e0d5188f43c9369de2c0b8523

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycduf4xbJ0ngZf2eh_yRiK-srjGN_z_gB3Sm8KbkHXNuD3iLcAl5WC4CSe44f724O8RsEeWcwGR0PTzWaUA7pM3OjPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:05 GMT
server
cloudflare
etag
W/"2a108cdb7ac586b363738537d5d753e5"
vary
Accept-Encoding
x-goog-generation
1671081305364802
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=DUlGSg==, md5=KhCM23rFhrNjc4U31ddT5Q==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
13568
cf-ray
77cccff398089162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
8f56a441bb8c4c5e28a1.min.js
mweb-cdn.karousell.com/build/ 		796 B
699 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/8f56a441bb8c4c5e28a1.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b50942ba1825f2bbd806654ed8c134b6b5e2aa68e8f6977fef393e78be2661e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycdu5mcGytc7Z3n5lZdYYUFNhUVt8Mtp5GkBWO0y5WDVYVgkItPqLHqSqG-V_UvshNzZq_T_2Ljpu9bE7DS3RuFT8DA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:03 GMT
server
cloudflare
etag
W/"aac3328cde1051e8df4dab06ee2be1fc"
vary
Accept-Encoding
x-goog-generation
1671081303500542
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=jEah1w==, md5=qsMyjN4QUejfTasG7ivh/A==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
796
cf-ray
77cccff398099162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
571a9d813fc03da7de02.min.js
mweb-cdn.karousell.com/build/ 		742 B
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/571a9d813fc03da7de02.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa0aafbd3c71c9a0f1cdc69c9c1a6f53d7c067462aedc91f60bfc30c92abd227

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycdv-KkULqs2Un1ZNpo4LA1tB2jp4L0kEGvgoeIFhLSz285LFfENSfBONt4jCvIqe_mpoiyjPUJbfQ1eztUfhNse3bA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:14 GMT
server
cloudflare
etag
W/"f29f9e24e2d79ebfcd22fa74fd510ffa"
vary
Accept-Encoding
x-goog-generation
1671081314570781
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=leELow==, md5=8p+eJOLXnr/NIvp0/VEP+g==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
742
cf-ray
77cccff3a8279162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
01e3d9b1665ccc1bdb3d.min.js
mweb-cdn.karousell.com/build/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/01e3d9b1665ccc1bdb3d.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c7235e88a37c0ac666e9a8d11cd254997f4a963bc53db3678a97a8cd26beefb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycduVod5PWy1WDAj2xWY-pVJw7dxFqrebckGMNfEtxI8f8wYfzfbMGWKbQaOD28yFh1IVrMQIHwBwqmXaAMQydzbt9vJVR5BI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:23 GMT
server
cloudflare
etag
W/"a729a088a44a39dde2fdfce9f80a4c08"
vary
Accept-Encoding
x-goog-generation
1671081323280559
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=NuFJOQ==, md5=pymgiKRKOd3i/fzp+ApMCA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
10548
cf-ray
77cccff3a82b9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
e9579f3d22130de15cae.min.js
mweb-cdn.karousell.com/build/ 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/e9579f3d22130de15cae.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e00d2c7def7e587f1997fd9d61920dcc047ed17a7888f8d0beae38cd284a3e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycdu-hhJSrFdppkNo9pt95NJs4sSdAHT70fWwkh5xcu_Sxv6SDH3GcGfquhf33HKm9lT2mbbyDqaUxrbQpsmRLUZfxg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:23 GMT
server
cloudflare
etag
W/"b9a411bea0ca6600362de0dd3a3a15c6"
vary
Accept-Encoding
x-goog-generation
1671081323919987
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Fma2nQ==, md5=uaQRvqDKZgA2LeDdOjoVxg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
19552
cf-ray
77cccff3a82d9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
319c9325914b150c2f8b.min.js
mweb-cdn.karousell.com/build/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/319c9325914b150c2f8b.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3fa2a7135f77ffe505e5f94a11ede65bd33136db10944c9ebe15ba2213bdfd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501006
x-guploader-uploadid
ADPycdv0vY999Q70EfmXidLaWv1nCi42ZMjh5u81xDevUkWrrX6YaNGwPZoJykSuv1Mdy9zQtrevGj_u_tqIDGlI9DIlrg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:05 GMT
server
cloudflare
etag
W/"83320a85b9b5511e022d7c335f4dbc59"
vary
Accept-Encoding
x-goog-generation
1671081305346693
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=Xbz6uQ==, md5=gzIKhbm1UR4CLXwzX028WQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
13481
cf-ray
77cccff3a8319162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
a9ce25556e369933d957.min.js
mweb-cdn.karousell.com/build/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/a9ce25556e369933d957.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c45230800c241531e18fddd28714ace36969ae2fc5f1248bc75f36a65ec2dd1c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501006
x-guploader-uploadid
ADPycdsVCceeAREvCMKJwOro_zermWh0qTjIFhjfQsin1iwLOp85BEm_2kzH9o3hdVBfHFS9F6J0dvjFB8RXgKzIN5PabQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:21 GMT
server
cloudflare
etag
W/"e10ca7f1c8b036aabe5ca3b496a69ed4"
vary
Accept-Encoding
x-goog-generation
1671081321072829
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=sW92HA==, md5=4Qyn8ciwNqq+XKO0lqae1A==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
11505
cf-ray
77cccff3a8349162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
bde1c00879700063dbfc.min.js
mweb-cdn.karousell.com/build/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/bde1c00879700063dbfc.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34e116ba63c8a85d481135a33eb0ef5b314fd239d7739325e8b3e952156b6960

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501001
x-guploader-uploadid
ADPycds7pikd5WtgUZ5LWXqlF9RFxMd8A7Jl8pZ81jpyw3cscoggcagkbBa5fUlkUzBiR6lvyP5cR8CLCDVyWOC-GIQH-yQHs6t5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:10 GMT
server
cloudflare
etag
W/"24113079bd188f643a2a4f326e1cfabc"
vary
Accept-Encoding
x-goog-generation
1671081310723120
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=x3RWDg==, md5=JBEweb0Yj2Q6Kk8ybhz6vA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
11654
cf-ray
77cccff3a8369162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
269e71293b1f28341cab.min.js
mweb-cdn.karousell.com/build/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/269e71293b1f28341cab.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a305d9e28e4d0171c610d1168df3a739b1ea6483258952ac4d8bb6e22185b58b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501006
x-guploader-uploadid
ADPycdvfNCbjk7S1N7s7ZL1FKT50ZzU0RJ4HEmNZUltybE_Qe6EkAPPp81xZyid9-kBU2Z-2fGynf3eazerHHcCMGUctcotLsDAI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:17 GMT
server
cloudflare
etag
W/"0789c19f67c56a2230f03cc452e4e780"
vary
Accept-Encoding
x-goog-generation
1671081317122269
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=PTKUxQ==, md5=B4nBn2fFaiIw8DzEUuTngA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
11017
cf-ray
77cccff3a8389162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
8fbe59360fbc06db5ea6.min.js
mweb-cdn.karousell.com/build/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/8fbe59360fbc06db5ea6.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5081c4c77d5fedd4b5bb4fd76691daf14dc35fa5a0c539e5984507a96d3ab5b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501006
x-guploader-uploadid
ADPycdvM-uKqzt3VXvihJigeWNIiDAQWLsEem4pEvqDtiTB3Klw1iUTSVULP3xOqaBQ2lK9IJTUECPZf_R-unmBzXjutJ4G6LQUu
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:24 GMT
server
cloudflare
etag
W/"dabe90a4ec8d038ef28f6d8e4c4939d4"
vary
Accept-Encoding
x-goog-generation
1671081324457327
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=V0z+SQ==, md5=2r6QpOyNA47yj22OTEk51A==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
19826
cf-ray
77cccff3a8399162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
c107330a59512b03783d.min.js
mweb-cdn.karousell.com/build/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/c107330a59512b03783d.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36e62549c917eec1c290875a1a08c81c62420a16e56dba7c6e03d872b7372aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501006
x-guploader-uploadid
ADPycdu0dBTcH4i6anX73MS7oJ3LMYcxPKvjm65LAl-o9L_f4-a-lglbZQ6Jfr2RBt9OieTfXXYhnw8dPQE0VnUr1h558g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:17 GMT
server
cloudflare
etag
W/"d8c5d01b9e62aede60d73f2ed9519dd8"
vary
Accept-Encoding
x-goog-generation
1671081317522053
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=pYokDw==, md5=2MXQG55irt5g1z8u2VGd2A==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
11154
cf-ray
77cccff3a83a9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
3d045f3f0747ac669a5c.min.js
mweb-cdn.karousell.com/build/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/3d045f3f0747ac669a5c.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f1d6eaa3fbd7019b87ddb1a37aa814f1614203dc16b4fd8063818c93c6b8a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501002
x-guploader-uploadid
ADPycdswH7aMowVvk6sH8pxLPqOvA6x2mhPW2MP-fkk2zMfRlMezNSl64yExPdSFFX2U_zCmj36APSxlJMnVUs4N_37DtTULnk8-
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:01 GMT
server
cloudflare
etag
W/"a6b56da2853122081b2b7c730f2e10c3"
vary
Accept-Encoding
x-goog-generation
1671081301704012
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=bDCnqQ==, md5=prVtooUxIggbK3xzDy4Qww==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
8119
cf-ray
77cccff3a83b9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
dd8fb9ce31b8e1d9c38c.min.js
mweb-cdn.karousell.com/build/ 		1 KB
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/dd8fb9ce31b8e1d9c38c.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4981a8a8824bf46461515a00b8909a3207f489625d39ada0d147cc903c91516

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501004
x-guploader-uploadid
ADPycdud0MQpK4-8sqPJxJ3ZNqy9IlJ8idL-VVNwkc7S3QFoysyT9mMoLUPoXdq8vMbJeDSOfEzm_0sHUlLoN8h1H1S9Mn_QH0eJ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:26 GMT
server
cloudflare
etag
W/"24a5f6901c285398c6caeba3743f071b"
vary
Accept-Encoding
x-goog-generation
1671081326464541
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=JX4OGg==, md5=JKX2kBwoU5jGyuujdD8HGw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
1072
cf-ray
77cccff3a83c9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
cd68a392350692839ad6.min.js
mweb-cdn.karousell.com/build/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/cd68a392350692839ad6.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68cd7511f3c73fd571901456ded96f3de6005eedcf0a44f84f4c0eeec52d0814

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501004
x-guploader-uploadid
ADPycdsBiQH0J_NGDKUUlVEq98QdZyCNk1yzPXDlYf1o0jNdny16YcIPeJC_Zvq8RPvuWM_qb8GGviYRnhBSdky6zrnPL8Ls1OBc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:12 GMT
server
cloudflare
etag
W/"6562a56a31484c5b85214ea00737a106"
vary
Accept-Encoding
x-goog-generation
1671081312404144
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=BDX3WA==, md5=ZWKlajFITFuFIU6gBzehBg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
37136
cf-ray
77cccff3a83f9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
069c76dbca35b351c822.min.js
mweb-cdn.karousell.com/build/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/069c76dbca35b351c822.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
380dc68aae1f79c129ed7cb65e47dcd984f0a5a145d59ef6d5af7a3edffb29b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501001
x-guploader-uploadid
ADPycdtjphWDVh7jodBzs5ohCno1JkZhAQe-pOAscKZYXux7I1J0Zd7ZjQIn80_myxxoJ4EFtM0eHjKNEYkwHrlKMtOsiGLXUyJE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:25 GMT
server
cloudflare
etag
W/"86f8e65e1b7bcb5bb7c140e7fc1ac45a"
vary
Accept-Encoding
x-goog-generation
1671081325089833
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=aRISPw==, md5=hvjmXht7y1u3wUDn/BrEWg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
50260
cf-ray
77cccff3a8419162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
82335e4db6e2ea855e5b.min.js
mweb-cdn.karousell.com/build/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/82335e4db6e2ea855e5b.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07e4e2ca892430bf5684617984be1149779c043496fdebf64f807b128d57fa53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501001
x-guploader-uploadid
ADPycdv9C2AznwcCCxXQBD7a-FZ01EYagiMfmeKiDWnvAkyUyeheMdPbYNT3FO2gFLyefBGFQgdf5ZdP67qwLZGmARCrs3EBcI_p
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:03 GMT
server
cloudflare
etag
W/"8c1892900b759f4715ff3bb043b2d498"
vary
Accept-Encoding
x-goog-generation
1671081303755847
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=HaJ6iA==, md5=jBiSkAt1n0cV/zuwQ7LUmA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
12656
cf-ray
77cccff3a8429162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
95e243de18914f099202.min.js
mweb-cdn.karousell.com/build/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/95e243de18914f099202.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59048b1bcb54f0f7bf0292fba3689cdd7b6b8b1dd5122b1e1b72615aaecb2ad0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501003
x-guploader-uploadid
ADPycdsQbxt09wph0zQkGZUlrKMUYslY1YMgK16NcHHkozm-ULMxEuX-iXR-FUB0dBSjpKEmZlzWWGSUFTVmn7HmTsFOMyuUOZn3
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:19 GMT
server
cloudflare
etag
W/"656ef4cb8dde2a9a1b2e1c01b82da31b"
vary
Accept-Encoding
x-goog-generation
1671081319272274
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=RTFN/A==, md5=ZW70y43eKpobLhwBuC2jGw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
25552
cf-ray
77cccff3a8449162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
f52357b6dac9649e3480.min.js
mweb-cdn.karousell.com/build/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/f52357b6dac9649e3480.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f8ad60d61a67a391df66a66cf0f436b4bc7365c7a34ada1285ffd506247241d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501003
x-guploader-uploadid
ADPycduhXy3FyGjmoi5xi0zJHd0t-kpuaj3TpzP8gSOzOxxdjCtR5-sf437Vm22BRPZaG8OOz1HKcTwnHOUieV4PoexB9g
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:14 GMT
server
cloudflare
etag
W/"febc545a06acd4808fae36796201e40e"
vary
Accept-Encoding
x-goog-generation
1671081314288305
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=0cgwQA==, md5=/rxUWgas1ICPrjZ5YgHkDg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
24043
cf-ray
77cccff3a8459162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
8f6ee8459bf98de1affe.min.js
mweb-cdn.karousell.com/build/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/8f6ee8459bf98de1affe.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3019062b18ca4fd18405ab0b9c0ac037e71f19e8697729159b42d1008b3810dc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501001
x-guploader-uploadid
ADPycdsGqGOPQTyhYs6Z2Y6lF3MBo9PChj71Hi_4ux78VwtSp7md1SM7JEDbORNkQyndkEjoXqi8MU_hzVP6_SRkOBbxKA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:22 GMT
server
cloudflare
etag
W/"9a5199c83582b355f4e53194f72d7ddc"
vary
Accept-Encoding
x-goog-generation
1671081322305688
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=EDFNNA==, md5=mlGZyDWCs1X05TGU9y193A==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
37649
cf-ray
77cccff3a8489162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
7bbca6672f6d421959aa.min.js
mweb-cdn.karousell.com/build/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/7bbca6672f6d421959aa.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2889652559e117499d1e59ba3b904d52c4e6b8e2379a927f56747c04388000a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500790
x-guploader-uploadid
ADPycdsq66s7HNXKNbryXNsvdRaKt4lfl1CL2T3Pl4HQSfT5TiU707xxArW1KwJp1RADuD100uhiD0FCu5J7fFpxoDU4A2j6VleS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:17 GMT
server
cloudflare
etag
W/"07c6c8da504d540f03856834e861de16"
vary
Accept-Encoding
x-goog-generation
1671081317815928
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=YeJgcg==, md5=B8bI2lBNVA8DhWg06GHeFg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
9510
cf-ray
77cccff3a8499162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
ba4c807c0a7b25e5cba3.min.js
mweb-cdn.karousell.com/build/ 		109 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/ba4c807c0a7b25e5cba3.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9228412fefc589ecd8007f17d6df84ccb33b52b3c93183b7a74876c9acb6a18d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycdtihJzWYjRkGuVqhAsrQ0R6BGCfB--XcGkmK11oq5ywLk1pwwLUMdH57p5di-vC-gx1Bc7DWaekgc9VUKFOptEALbT-VqkR
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:20 GMT
server
cloudflare
etag
W/"76dca500b2d9ba3f04cd0e3f59e31e69"
vary
Accept-Encoding
x-goog-generation
1671081320903845
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=yvy/4A==, md5=dtylALLZuj8EzQ4/WeMeaQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
111509
cf-ray
77cccff3a84b9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
9f921c92e1f50782dc9d.min.js
mweb-cdn.karousell.com/build/ 		1009 B
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/9f921c92e1f50782dc9d.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19aeec44d010ebb846dc38aa2b4e83d12b158b60884481e86a6dfbfd4d9d0232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500790
x-guploader-uploadid
ADPycdtzHtUaek2Jxhox6hTDVPVsn6oromzmp-sNSc6EIvjCLb5-ph9lXupL4HwH10iimdovUjTKv5zn1NK2A3pqmZVAaw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:07 GMT
server
cloudflare
etag
W/"7e07672faccf8c1d5de610762545ede6"
vary
Accept-Encoding
x-goog-generation
1671081307128512
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=QBiqqA==, md5=fgdnL6zPjB1d5hB2JUXt5g==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
1009
cf-ray
77cccff3a84d9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
e9b4d686c82d369d23c6.min.js
mweb-cdn.karousell.com/build/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/e9b4d686c82d369d23c6.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
024f716e254a46ebf29f00fc651ba334bea73683d4dd8c57217a47c580506b5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500790
x-guploader-uploadid
ADPycdtzrs5vEJrEU5Yeo5E5iD-TL3XYgF1Sem-JWvluxBBMGgPDcPYge5yc8vl0E4xKOQxxH9vPaMASICodveBF91x6RQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:22 GMT
server
cloudflare
etag
W/"6b28bf10f0ee24c28a68e37955f6a8f6"
vary
Accept-Encoding
x-goog-generation
1671081322326322
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ibmBnQ==, md5=ayi/EPDuJMKKaON5Vfao9g==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
10610
cf-ray
77cccff3a84e9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
9b28fcc9269369e9adf9.min.js
mweb-cdn.karousell.com/build/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/9b28fcc9269369e9adf9.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7074b0c63c7544707b789697def08a85619cf5651e273faf9fdc95c9c0afebda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycduTwVfDJQoHy8XMHtHsLNvO9Pk8fM32rL__05IQpMRZQvKVqpBZhj9CRM4a1q52OsxGbO--rb98LtIN9yrCxM6slA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:18 GMT
server
cloudflare
etag
W/"73296168a687805000fb08845a1fc285"
vary
Accept-Encoding
x-goog-generation
1671081318484790
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=+Ta7RA==, md5=cylhaKaHgFAA+wiEWh/ChQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
11227
cf-ray
77cccff3a8519162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
234163e9668b25010281.min.js
mweb-cdn.karousell.com/build/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/234163e9668b25010281.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5023a2729094107051479e0dd2f2478dd99e80dd3ce8d0bc294d0e9e1b35e7de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500790
x-guploader-uploadid
ADPycdtM1OWLty637VyhvUdsPHCl-m3Q_Nx5AvtCWxDP1wmLlWdWU0yN67NjIYbLUl6utyY0WUaFdIqn_1cTdMA6F-sTPQLrH65C
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:17 GMT
server
cloudflare
etag
W/"3c9c77069d3a4421dc16f234981baaae"
vary
Accept-Encoding
x-goog-hash
crc32c=cQYacQ==, md5=PJx3Bp06RCHcFvI0mBuqrg==
x-goog-generation
1671081317634317
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
25087
cf-ray
77cccff3a8529162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
316e1681e10eac282a97.min.js
mweb-cdn.karousell.com/build/ 		670 B
681 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/316e1681e10eac282a97.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0de5f6017da13230fc85ca899ae15413c38ea8307a527e1aa9999aaaf9ec1681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501000
x-guploader-uploadid
ADPycdsOszGsTFmbXgzkEEkVq9imK48pN5NwemsD3O5YEyyt4e_zv9elChu_TxZydWMFx__ZWORSMxBSDsf5hlW1T_8Iqg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:09 GMT
server
cloudflare
etag
W/"5ab517dde024e506187c78184cc75149"
vary
Accept-Encoding
x-goog-generation
1671081309783750
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=bxvxNQ==, md5=WrUX3eAk5QYYfHgYTMdRSQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
670
cf-ray
77cccff3a8539162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
cab286f3c999f90e2162.min.js
mweb-cdn.karousell.com/build/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/cab286f3c999f90e2162.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9579da557fc242abc2cadf41dde9c84761826231c91e9acd746a2d4af9811d33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycdvdSXWUptj0mU2sN7vy9wJaTbpFazOqdHOsXZzRgGGRMYhdSJjn0xigD3JFOENM7vLFnjGdMh5LyM_G3P7462M4WShVDiYt
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:20 GMT
server
cloudflare
etag
W/"2f9ad34a1a252eac9479ebffd154cf3c"
vary
Accept-Encoding
x-goog-generation
1671081320278766
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=p3vnnA==, md5=L5rTSholLqyUeev/0VTPPA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
19313
cf-ray
77cccff3a8549162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
7db7090cd09e83a919d9.min.js
mweb-cdn.karousell.com/build/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/7db7090cd09e83a919d9.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802b5cbbd81ba3de29038b89ddbf96951c1afb279ffcd9debbc38d1c8a2dfc4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500790
x-guploader-uploadid
ADPycdsrcD9gzpJYg051TxC1vpbAim4WuSfhH8R9gpMk5y8iem-KGMUAylfwn-5rqfMf-GfsEzqwv77jqfh30z0VQxuQ5w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:27 GMT
server
cloudflare
etag
W/"958382d7f73bb3cb72841af0742b34ff"
vary
Accept-Encoding
x-goog-generation
1671081326970423
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=XV02ZQ==, md5=lYOC1/c7s8tyhBrwdCs0/w==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
9742
cf-ray
77cccff3a8569162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
52b6a75d8407eeb608a6.min.js
mweb-cdn.karousell.com/build/ 		124 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/52b6a75d8407eeb608a6.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e609d254e19d6a99ee71ffcf3bce31a7e9ed61886a48fcfffb8827d472a2c3d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500790
x-guploader-uploadid
ADPycdv9hN6nJIsQ9hYr9L7wpQKFfg7i-_fDseEbgITBuOoFiDf9R9k19Y3d6KMoEqThKeNzlJZvieQRPojj7vxb1s5YhShOvTWw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:13 GMT
server
cloudflare
etag
W/"c4820b7efeb913b5e4aed428be83815b"
vary
Accept-Encoding
x-goog-generation
1671081313774315
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=nT/R/Q==, md5=xIILfv65E7XkrtQovoOBWw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
127185
cf-ray
77cccff3a8589162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
824acde9f4770bdcc777.min.js
mweb-cdn.karousell.com/build/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/824acde9f4770bdcc777.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb3ca98cfecd7a2824a4a85769b570933d03fa159b378718de5869b28460ef72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501003
x-guploader-uploadid
ADPycdvyvI0Ndu9bWxzI0jE9x4E1-pL53ijT5r90oMCfRo-Tjyd-7PhsVFGJCx_TT6eyH3XHXjqyo7_EF1BsyGjEYyZ2GNc7M1I6
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:26 GMT
server
cloudflare
etag
W/"338b4e12bbeb4a016df7b4f21c88f04b"
vary
Accept-Encoding
x-goog-generation
1671081326882996
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=70febA==, md5=M4tOErvrSgFt97TyHIjwSw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
22119
cf-ray
77cccff3a85a9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
cc3090ebdd717bcfb35c.min.js
mweb-cdn.karousell.com/build/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/cc3090ebdd717bcfb35c.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01aacd3ad5032a7d10e9ede82b020e6836082c8cd4dc1a9432613a4140a43c9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501005
x-guploader-uploadid
ADPycdvrnlNOgDq36fvKzEymby8Sqzh6nviYW0N52lRtzwg7Wxw_El1vykVdjWiThF7lPn2q0RbWAJwmtUQK_KLO96MkSrB48nyL
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:20 GMT
server
cloudflare
etag
W/"de081bf9ec5fc66d72dfc70f659298ce"
vary
Accept-Encoding
x-goog-generation
1671081320391246
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=oBujzQ==, md5=3ggb+exfxm1y38cPZZKYzg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
8857
cf-ray
77cccff3a85b9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
deaca5a159455067ef31.min.js
mweb-cdn.karousell.com/build/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/deaca5a159455067ef31.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97e7bf9a988e2d532bbcd9543e3a09bd14bd633021fe28130d1f58b8f65336fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501003
x-guploader-uploadid
ADPycdsJD6LG-YD-ekt-cHsFQG6xEGIjRLig3gLu1sdIagd5KYxrOT0eIiLFdqflyO6bCAcZxQIjE4lxXVglPu1bJe890RXLIJZV
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:20 GMT
server
cloudflare
etag
W/"d4d4f1b807a68458a507621427c8920a"
vary
Accept-Encoding
x-goog-generation
1671081320072026
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ce0JCg==, md5=1NTxuAemhFilB2IUJ8iSCg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
11133
cf-ray
77cccff3a85c9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
3cbb0796c866131c82ee.min.js
mweb-cdn.karousell.com/build/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/3cbb0796c866131c82ee.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25a6c7dbf6babd073c35574d5b14b3ae48e5249f8487a6b6120470c81931c546

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501003
x-guploader-uploadid
ADPycdse9Mzw6fqNhRgvfSI9kCxpk9uvWIq67w287g_7c8Clhc3H1M5rV2f8J02SdMxnEbJkG9R_At0QFGhBiLuvnOEDag
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:04 GMT
server
cloudflare
etag
W/"fd0c089d464e737705e59b3a29ad945d"
vary
Accept-Encoding
x-goog-generation
1671081304834438
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=jZnfmQ==, md5=/QwInUZOc3cF5Zs6Ka2UXQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
7622
cf-ray
77cccff3a85d9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
0a826fb385635ed290f6.min.js
mweb-cdn.karousell.com/build/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/0a826fb385635ed290f6.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8619d335bb3cf42aa32ad3909eec58427fc0b6c3b856e340c70eab65ee6632a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501002
x-guploader-uploadid
ADPycdu6G-N-1KAnkeNN0cleiGbatcioKOxzlAKrdjYhsjMgHq1cG3wTeJPwdw-QcFMHn43XTFvVLLkcJGGf3kxIKDomq-dy6PsO
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:12 GMT
server
cloudflare
etag
W/"2fff20d8033a3dd5723c7710bd01cb5e"
vary
Accept-Encoding
x-goog-generation
1671081312341621
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=r5rTtA==, md5=L/8g2AM6PdVyPHcQvQHLXg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
26726
cf-ray
77cccff3a85e9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
cb3c64dd6dccd54e2651.min.js
mweb-cdn.karousell.com/build/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/cb3c64dd6dccd54e2651.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b9bb073fcb45cf049d574400fc51319a68ae2e3eb0db5d771ab251934b94531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501002
x-guploader-uploadid
ADPycdsH2IkJTxLgqH6JuIBM_6_8vlrKDXxyY0Jmho72UxcHInLXdXpxJ3jVPpjP2RlZ-DnuEb-7jStv1-lb3wGD83cIvKTRibIg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:07 GMT
server
cloudflare
etag
W/"1584073c49c2eb928c15e9f9347b1069"
vary
Accept-Encoding
x-goog-generation
1671081307775008
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=u2DGzQ==, md5=FYQHPEnC65KMFen5NHsQaQ==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
16693
cf-ray
77cccff3a8699162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
6d698fc0742c36725946.min.js
mweb-cdn.karousell.com/build/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/6d698fc0742c36725946.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79cffc40a67d64a8562dedab3273506b86f059140ffecfb31dfcd40c85de2b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501002
x-guploader-uploadid
ADPycdvWVIwuPb4ik5DtyUEbei6IVr54pfqPYVe419C-c7SvX9kWqoTA-SgSjffBKAs_sO7HxcgV_DJjJ0L0vRf8Lmx98A
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:20 GMT
server
cloudflare
etag
W/"db2b69dbc5e1b2b6777913f45c991dd2"
vary
Accept-Encoding
x-goog-generation
1671081320133373
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=5Ywnzw==, md5=2ytp28XhsrZ3eRP0XJkd0g==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
10998
cf-ray
77cccff3a86b9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
46cc0e01871708282f5b.min.js
mweb-cdn.karousell.com/build/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/46cc0e01871708282f5b.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40d1c5232175b84519dad6f2c85ae8db21282b4e75c27ede5b186d41fadb1340

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501002
x-guploader-uploadid
ADPycdvAzZUaXMYvPQARddP027HDuUYkXRsV1uFIsqus5LND0xjZCRFBjDW_udNj69s8mB0pGgUJQixdStJY5P7oLXAzZWzKGVI5
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:26 GMT
server
cloudflare
etag
W/"12a91615ec915b17e305b3e0988a591b"
vary
Accept-Encoding
x-goog-generation
1671081326475307
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=oz+23g==, md5=EqkWFeyRWxfjBbPgmIpZGw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
13242
cf-ray
77cccff3a86e9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
1e6c3fe0be0eb148f338.min.js
mweb-cdn.karousell.com/build/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/1e6c3fe0be0eb148f338.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46595b05dbbc6fb6a8f6b66965ad44bd8f83de5304073189fc26114faa5b7ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501002
x-guploader-uploadid
ADPycdv_FMQFoCWm4dPnfCFnZeOUZMf9Z_wP43jsyBXKa9N4umLiSG_p0F5WVPleweYZIAQ3BqIs3KKUbnqDKPo9Vmb0_OV_0dQr
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:16 GMT
server
cloudflare
etag
W/"a6746100c4cb8df93ff48ec8e1051ebf"
vary
Accept-Encoding
x-goog-generation
1671081316124769
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=zM5CcQ==, md5=pnRhAMTLjfk/9I7I4QUevw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
7763
cf-ray
77cccff3a8719162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
f9acf8dc6937932ed2b7.min.js
mweb-cdn.karousell.com/build/ 		44 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/f9acf8dc6937932ed2b7.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1ed0cdcca66a5c1c2b9a9ca63136b26e7ce277dbb71fff9ee4ac413b6eedbe0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
501002
x-guploader-uploadid
ADPycdt3kpsXGytIsZ8-R_k9OxO9TgQ4ol6EHq-tQROtJqX_0zX-mVIilL8ZedtozZbddctjx5iBU46YxoT0uj1ksaUGUg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:22 GMT
server
cloudflare
etag
W/"7c6218fde76e42317ab6507af1563f74"
vary
Accept-Encoding
x-goog-generation
1671081322312124
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=etKF9Q==, md5=fGIY/eduQjF6tlB68VY/dA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
45545
cf-ray
77cccff3a8739162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
a0b820ad2d3987ba18a3.min.js
mweb-cdn.karousell.com/build/ 		995 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/a0b820ad2d3987ba18a3.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed593122d83695250071b25ba8d143c4ea86c55b6f8c1f5667522f06b3c075c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycds6zYhZFEe7nNTClOuKTi6VNCc9OozE2emONh5zL9N28WGWfuCPKj73pccyRPgdjoAIvIqGjBu_-111Y2mAmBAecg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:19 GMT
server
cloudflare
etag
W/"64ed8e6e9cf61c3c408b0d7998c7d567"
vary
Accept-Encoding
x-goog-generation
1671081319510960
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=20du5g==, md5=ZO2Obpz2HDxAiw15mMfVZw==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
995
cf-ray
77cccff3a8749162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
585b832019a8f57072b8.min.js
mweb-cdn.karousell.com/build/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/585b832019a8f57072b8.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
687309a7f8298a5ff1b0c66b8a933c91ee5cf41a130faa540ed72d8c80832d5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500789
x-guploader-uploadid
ADPycduX9U6fBBGJz__34SQMTE1I03762-sMG6NiZbgC5PXsjXpOJcjClFJWcu4DAUS12fgUbGYNIorhYxEmvTXUfhpvlbSRDV_Z
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:02 GMT
server
cloudflare
etag
W/"5b03f235bc51756058479f3cb299481e"
vary
Accept-Encoding
x-goog-generation
1671081302473273
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=5hYv2Q==, md5=WwPyNbxRdWBYR588splIHg==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
6867
cf-ray
77cccff3a8789162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
3c5043afbf99fdb93786.min.js
mweb-cdn.karousell.com/build/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/3c5043afbf99fdb93786.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89edf9fee1fc73e711d53490a40628edc4875108fdae39a256103908d6b59d50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500790
x-guploader-uploadid
ADPycdvQv0V36JCN4YfL0PEMAxAKdSKYaI544uKslvuCTx_MuVlIcc19r5LOQavibv8DACOVrkqIAPnNKNg1sr-DfjLxQ_UsT22i
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:19 GMT
server
cloudflare
etag
W/"179acf33b84924dca01c0ac0c9c1aa04"
vary
Accept-Encoding
x-goog-generation
1671081319044525
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=om5qGg==, md5=F5rPM7hJJNygHArAycGqBA==
access-control-expose-headers
*
cache-control
public, max-age=86400
x-goog-stored-content-length
9682
cf-ray
77cccff3a87a9162-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
client
accounts.google.com/gsi/ 		191 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d38e44284bb9658cc5ff787c8432bdecb44c0d702c6369cd605eccc6f8cc06ed
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-QFArcJQKLFjZW3hJ9s1FDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-QFArcJQKLFjZW3hJ9s1FDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 21 Dec 2022 01:23:25 GMT
gtm.js
www.googletagmanager.com/ 		258 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KBXZNN7
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
29ad957ab410ea6a2ef3ea32f502674ccfe0863210a4ececb575b4b955ad950b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
80968
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Dec 2022 01:23:25 GMT
bundle.min.js
browser.sentry-cdn.com/5.4.0/ 		49 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
e67f227cae68c48f2271412359f3bd69ceece78f99db2759ce9c600be896f0eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.carousell.com.hk/
Origin
https://www.carousell.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Fri, 31 May 2019 13:00:31 GMT
server
Fastly
age
1689818
etag
"00cd3e90ccea4ddfb36ac45ccb773475"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
15960
expires
Fri, 01 Dec 2023 11:59:47 GMT
1108123f1337b5dcf7d0.min.js
mweb-cdn.karousell.com/build/ 		33 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mweb-cdn.karousell.com/build/1108123f1337b5dcf7d0.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::be5d:f753 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8ede5b7c76535a0b0348492feba88f10c72c27b88762b956a37f167cf2ef5c

Request headers

Referer
https://www.carousell.com.hk/
Origin
https://www.carousell.com.hk
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
cf-cache-status
HIT
age
500335
x-guploader-uploadid
ADPycdsixFruNce_2cmG1Z6A2YJDbF7UHJHwU3ew6g-kCPZDQeXUihMDxMM-UV05naOmqYXS9HjNxyfnDfUJCefP9lpQyg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 15 Dec 2022 05:15:17 GMT
server
cloudflare
etag
W/"a52854a1e9ac56bfffa9cf49eae5d3a4"
vary
Accept-Encoding
x-goog-hash
crc32c=+GrNtg==, md5=pShUoemsVr//qc9J6uXTpA==
x-goog-generation
1671081317753458
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
33292
cf-ray
77cccff56a23bb74-FRA
expires
Thu, 22 Dec 2022 01:23:25 GMT
track
www.carousell.com.hk/ds/ 		2 B
87 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.carousell.com.hk/ds/track?
Requested by
Host: mweb-cdn.karousell.com
URL: https://mweb-cdn.karousell.com/build/986ea0814d518faa717d.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

csrf-token
oUVrfriq-vYqc6ZAW1YfBa3cItXCyn8B0l4c
Referer
https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
1
cf-ray
77cccff549fc903d-FRA
track
www.carousell.com.hk/ds/ 		2 B
133 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.carousell.com.hk/ds/track?
Requested by
Host: mweb-cdn.karousell.com
URL: https://mweb-cdn.karousell.com/build/986ea0814d518faa717d.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

csrf-token
oUVrfriq-vYqc6ZAW1YfBa3cItXCyn8B0l4c
Referer
https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
8
cf-ray
77cccff549fe903d-FRA
page-info
www.carousell.com.hk/ds/location-filter-search/1.0/filters/ 		900 B
371 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.carousell.com.hk/ds/location-filter-search/1.0/filters/page-info?_path=%2F1.0%2Ffilters%2Fpage-info&country_id=1819730
Requested by
Host: mweb-cdn.karousell.com
URL: https://mweb-cdn.karousell.com/build/986ea0814d518faa717d.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ae0fcae300a1273f05a8e327f569451b28b86ecd37d0959e7cdff80fa986a75a

Request headers

csrf-token
oUVrfriq-vYqc6ZAW1YfBa3cItXCyn8B0l4c
Referer
https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
14
cf-ray
77cccff63aa3903d-FRA
truncated
/ 		353 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/jpeg
trcpt
cdn.tercept.com/js/ 		0
331 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tercept.com/js/trcpt?account_id=TCPT-1565
Requested by
Host: mweb-cdn.karousell.com
URL: https://mweb-cdn.karousell.com/build/f52357b6dac9649e3480.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2171:f600:14:2bf1:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-response-time
7.258ms
date
Tue, 20 Dec 2022 22:55:36 GMT
content-encoding
gzip
via
1.1 2b0fb614bbb9725d108c7b6cf26875c6.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG53-C1
age
8869
x-powered-by
Express
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=21600
x-amz-cf-id
nFN5n-OxaQC__-e0InE7Jld4_DYeDBA3Z6JryrL9p71nxrme5DnkTA==
190901-124716667027312.js
js-sec.indexww.com/ht/p/ 		204 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/190901-124716667027312.js
Requested by
Host: mweb-cdn.karousell.com
URL: https://mweb-cdn.karousell.com/build/f52357b6dac9649e3480.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.36.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f880ab98b5b4d0cf39ca4c70960092ce931c0daff1d70c298d8c3fde3c35285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 01:07:00 GMT
server
cloudflare
age
855
etag
W/"da4b4e-32f67-5f04c2b7256ee"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
77cccff73dc0925f-FRA
expires
Wed, 21 Dec 2022 05:23:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: mweb-cdn.karousell.com
URL: https://mweb-cdn.karousell.com/build/f52357b6dac9649e3480.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27542
x-xss-protection
0
server
sffe
etag
"1427 / 813 of 1000 / last-modified: 1670587517"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 21 Dec 2022 01:23:25 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49446
x-xss-protection
0
server
cafe
etag
2598968561659389652
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 01:23:25 GMT
a.js
d2r1yp2w7bby2u.cloudfront.net/js/ 		45 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-49.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
120cd22904849ab02cd4b1e2869f32fb9e3292230dc59483e3cf6dbb63b968e7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:19:21 GMT
Content-Encoding
gzip
Via
1.1 16dc09493f48bbc1fd2cdd6e175a94f6.cloudfront.net (CloudFront)
Last-Modified
Tue, 13 Dec 2022 11:39:10 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA53-C1
Age
246
ETag
W/"210cd858b5f960e5f6f89e2f8b76235d"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=1800, private
Connection
keep-alive
X-Amz-Cf-Id
QH0z7qThLacnZAgmW1DqEZGiTpVcA7SBEtZqgYay6hCkQqm5I5PFbg==
branch-latest.min.js
cdn.branch.io/ 		72 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-60.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
LzwY9oP1_KD6QZAz0SCDQRP53VCVCZV0
content-encoding
gzip
via
1.1 0cbb1ca51bf146be48b40804581e4466.cloudfront.net (CloudFront)
date
Wed, 21 Dec 2022 01:23:21 GMT
last-modified
Thu, 17 Nov 2022 20:07:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
20
etag
"2a6320386437cc44ae1713f25f6ea30b"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=300
content-length
22048
x-amz-cf-id
IOAzdB5prwcHX56XCN_pDqobSxhq8fhsbt0hBjjP7TXRnHFxUHcnpw==
ld.js
dynamic.criteo.com/js/ld/ 		42 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=78288
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBXZNN7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
91e47045f2aae2d3350498753cb9113df4c55c7db9daf410ff2df3a5ff38bd93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
tag
btloader.com/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=4600937392898048&upapi=true
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBXZNN7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
856785e72e16485b10ef0dd89efbccd979f0dd5edd3bc5779ed62da58ec0b85e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 00:36:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2795
etag
W/"14e02c8745af797bd69993209e8f61d3"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kPrsLE34OUUxgucbXXLJPo4%2BYorCVJ7LAbkXCww1B82pLgkKjujQsXG%2FmjWfX0Q9%2BCn483R7w9XlkohBpSKEShMr%2FgxImSv6yhEHuxbeeNyC4I6COqbG6JjIvlL2Q315Xh0ikExjbU5ZfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=86400
cf-ray
77cccff74f278fd4-FRA
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBXZNN7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 20 Dec 2022 23:50:44 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
5561
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Wed, 21 Dec 2022 01:50:44 GMT
fbevents.js
connect.facebook.net/en_US/ 		103 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 21 Dec 2022 01:23:25 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27298
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
u2zyRzcyuWTmMdPJKjzZu6mOmmnMDA6Ed3nItuY2znn2ZQz6tdih9+uZwSzVanZvSgaJ6Phy6XYNshZmCw9yUQ==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		218 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BTYMG7D1RH&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBXZNN7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3a8d72934ca9ca0fd21123125762ca9d4a6b0527693ade00582bdf53f4669f37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76974
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Wed, 21 Dec 2022 01:23:25 GMT
session
www.carousell.com.hk/ds/ 		2 B
88 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.carousell.com.hk/ds/session?
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

csrf-token
oUVrfriq-vYqc6ZAW1YfBa3cItXCyn8B0l4c
Referer
https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
21
cf-ray
77cccff79bc0903d-FRA
a
wzrkt.com/ 		296 B
830 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=96&type=push&d=N4IgLgngDgpiBcIoCcD2AzAlgGzgGiTS1wVAGMwB9VKMVAVzAXQENsBnGAXwMwBMEIABwAlAJwBaACxShEoVICsALRAEoAcwQBGLkAAA&optOut=false&rn=1&i=1671585806&sn=0&useIP=false&r=1671585806015
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3a00:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0f2906d7c2ed8480e09a0bd0994866cc71415264db831da9756418c7b76d2712
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:26 GMT
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Encoding
gzip
Via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P4
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Cache-Control
no-cache, no-store, no-cache, no-store
Connection
keep-alive
X-Amz-Cf-Id
sbA-Vfj29o23SAK7JOMhL1f0QRY98boBSnuLn6ctbudRQMbzyH1oyA==
Expires
0
126417887753142
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/126417887753142?v=2.9.90&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b296ccdecda596d7159649beb53ce45d4cd003e06d36daa7455cd60bf873f1e9
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 21 Dec 2022 01:23:26 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
sNVBXgYcfWz0DezBDo1L3agqDr93+LQgsmE0kYKTw6zIDTL/KdiLCV4h8cZffcq0XD8tZTIrymESbMIuxDZm1Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
_r
app.link/ 		91 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://app.link/_r?sdk=web2.71.0&branch_key=key_live_odyHtTXnKNa5u09c0wLEtbioxxgn5DE8&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:da00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
25f79a8025a3c67f7d21208a4878cfd8b254ec549c5a9c7cbc23976a3c1d3963
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA6-C1
etag
W/"5b-+L2aaAc/ka02gAKAcvEm1xO1y2s"
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
content-length
91
x-amz-cf-id
dtLwqyCSzL3xL74aTC6Heu7G9rRQSmcf3R3kFZqNKelW_BO0wHAJ2Q==
collect
stats.g.doubleclick.net/j/ 		4 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-32231169-26&cid=2121875430.1671585806&jid=506616070&gjid=149540338&_gid=2358544.1671585806&_u=YGBAgEABAAAAAEAEK~&z=935667266
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 21 Dec 2022 01:23:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=1923439897&t=pageview&_s=1&dl=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&dp=%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&ul=en-us&de=UTF-8&dt=BRAND%20NEW%20YSL%20COINS%20BAG%2C%20Luxury%2C%20Bags%20%26%20Wallets%20on%20Carousell&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAEK~&jid=506616070&gjid=149540338&cid=2121875430.1671585806&tid=UA-32231169-26&_gid=2358544.1671585806&gtm=2wgbu0KBXZNN7&cg2=productlisting&cg3=Goods&cd1=no&cd2=productlisting&cd3=Goods&cd4=Luxury&cd5=Bags%20%26%20Wallets&cd7=635&cd53=no&cd15=2121875430.1671585806&cd16=20221221%7C08731412&cd37=01%3A23%3A26&z=1984867591
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 20 Dec 2022 03:44:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77958
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ 		63 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=190901
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
06f72eac9c80f72f0f036695f0ab9b0bc4458b664fda40910ec17bd8e70c3024

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.carousell.com.hk
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 20 Jan 2023 01:23:26 GMT
identity
api.rlcdn.com/api/ 		44 B
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.carousell.com.hk
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 17:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 20 Dec 2023 17:50:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		42 B
65 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.carousell.com.hk
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d50809324232d2a2892f2824ea4cd85099dc6e631aac62e670f9038bcc0d1b23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41
x-xss-protection
0
expires
Wed, 21 Dec 2022 01:23:26 GMT
collect
region1.analytics.google.com/g/ 		0
351 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BTYMG7D1RH&gtm=2oebu0&_p=1923439897&_gaz=1&cid=2121875430.1671585806&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671585806&sct=1&seg=0&dl=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&dt=BRAND%20NEW%20YSL%20COINS%20BAG%2C%20Luxury%2C%20Bags%20%26%20Wallets%20on%20Carousell&en=page_view&_fv=1&_ss=2&ep.content_group=productlisting&ep.pageType=productlisting&ep.pageParentCategory=Luxury&ep.pageCategory=Bags%20%26%20Wallets&ep.pageSubcategory=&epn.pageCCId=635&ep.loggedInStatus=no&ep.pageVertical=Goods
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BTYMG7D1RH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
47 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BTYMG7D1RH&cid=2121875430.1671585806&gtm=2oebu0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BTYMG7D1RH&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BTYMG7D1RH&cid=2121875430.1671585806&gtm=2oebu0&aip=1&z=369563900
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
wzrkt.com/ 		283 B
838 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wzrkt.com/a?t=96&type=page&d=N4IglgJiBcIBwCUCcBaALGuK5oKwC0QAaEABwHMYBGEgYwphAAsAXF0gZ2gHpuB3AQDpaAQwBOAewCuHAKYAbecIkBbQUwDW3UtwBGYkQDsIKQ7L4oAnh3kpaEsIY4pdI8iioAmAOxxvVKgBmAAZuYhAAdXwEAGkAfQBhAEEAWQAFGFA%2BFVIYYJIWeVoYAG0AXQBfCqA&rn=2&i=1671585806&sn=0&gc=0a0df42c0d4949e9bb16c44213182d8a&arp=N4IgVg%2BgdgTAdABhALhALQO4F4sgDQgCW08SqAmgLYAWAjgGYDmAzgOIDCAggHKP4gATCABdmKBAQHVxBAG4oAjAUhjUwAAQBffoQEoQADgBKATgC0AFgsGzBiwFY0%2FAKYjVEkACc3igGwB2BXsDYIRfTSAAAA%3D%3D&useIP=false&r=1671585806136
Requested by
Host: d2r1yp2w7bby2u.cloudfront.net
URL: https://d2r1yp2w7bby2u.cloudfront.net/js/a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223e:3a00:1e:3056:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
214472ba518448dd1909b8b92f23197d53200e6c3b0c3cbe072a948b2fb2219c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:26 GMT
Strict-Transport-Security
max-age=31536000;includeSubDomains;preload
Content-Encoding
gzip
Via
1.1 f2c65205154aaf89a2c7bbc8fe8fdaba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA56-P4
Transfer-Encoding
chunked
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript;charset=utf-8
Vary
Accept-Encoding, User-Agent
X-Cache
Miss from cloudfront
Cache-Control
no-cache, no-store, no-cache, no-store
Connection
keep-alive
X-Amz-Cf-Id
dvMO_G96QLc-RdWVtPdYdn1s2KxvQsEc3UjPKdjMmvV1S8VDI_58Ew==
Expires
0
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-32231169-26&cid=2121875430.1671585806&jid=506616070&_u=YGBAgEABAAAAAEAEK~&z=1174411506
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-32231169-26&cid=2121875430.1671585806&jid=506616070&_u=YGBAgEABAAAAAEAEK~&z=1174411506
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:26 GMT
AN-X-Request-Uuid
4ae4ac5a-f5a2-407d-8d3d-66a340fb3351
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.carousell.com.hk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.carousell.com.hk
date
Wed, 21 Dec 2022 01:23:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
bid-request
a.teads.tv/hb/index/ 		16 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/index/bid-request
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.carousell.com.hk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 21 Dec 2022 01:23:26 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969574018282f99214fd0e62c60185&pos=8a9690e7018282f98edafd42fbf401b1&secure=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
6b9fab8e3cf0adeaf18949e2c4cab04a3939445e65479da737cb78b3c3e80085

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.carousell.com.hk
access-control-allow-credentials
true
content-length
62
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
804 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18012&size_id=57&rp_floor=0.01&rf=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&p_screen_res=1600x1200&site_id=222238&zone_id=1092968&kw=rp.fastlane&tk_flint=index&rand=0.04362373737820424
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
f4fc9cc1658caa314918ae5cb876df5fd893fa78bef4d192d08f9f9bbb4c1fa8

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.carousell.com.hk
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
241
expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		30 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=420894
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cfc638dcb3ed36e4a8c11a37ca45deda92bd839154c08126ac5a37bb928fafa

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82vyK4vCME81S%2BxSak1Z1CfnxA47paa4rsQCoNjcGp%2BUw9AJQtkA1%2BrVRi1uvKRnpGTUmGR5c8czFuTYp0ZJH1FY6I49WZiZXOO7Bq0GXWyVrh8%2BCbjubo2DTvbarYi0L7KG7OZa"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77cccff92ee19b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
expires
0
cygnus
htlb.casalemedia.com/ 		30 B
302 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=420894
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b860d4ddf147946b1444c753ebad976d3210b53baaa0dc982526cbf2a8a044b7

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLzkEmpuvDMntDZNUj9nek8sGSR3kmLvyc44Hn9hr3VpRQzHWwKJ8lStcgVmypN%2Fh3HXl92gNbZtqKi59rUapFcN74qQI2kA89o6aDBRcrFnc%2BPO2NyjMOIKS1%2BpCFBE6j2IzMbv"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77cccff92ee39b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
expires
0
prebid
ib.adnxs.com/ut/v3/ 		53 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:26 GMT
AN-X-Request-Uuid
2055aa6b-1c04-4fc5-8b94-e0cca97a1710
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.carousell.com.hk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
64 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.carousell.com.hk
date
Wed, 21 Dec 2022 01:23:25 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
593 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18012&size_id=19&rp_floor=0.01&rf=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&p_screen_res=1600x1200&site_id=222238&zone_id=1092968&kw=rp.fastlane&tk_flint=index&rand=0.3259569008499368&alt_size_ids=15%2C44
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
8997a7bbba8f87c2ad3607f38efc5285dce30a4549cea032350417992a25b48a

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.carousell.com.hk
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
261
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/index/ 		16 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/index/bid-request
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.carousell.com.hk
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Wed, 21 Dec 2022 01:23:26 GMT
cygnus
htlb.casalemedia.com/ 		30 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=420894
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a82e253bcae3f47de67954d157fcbbf7ed3904af886bfdac856f6b10e2e6690e

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgPLlB1IlOtKcEK0Hh649kfzA290QDLjRaGlcmc4tZwEYKISVpUfAZznXC0RU2Ed8m9jfv%2BqMweVb%2BaHxzXSHHYrLxokPrzC7%2BpopRcwwbXs0pAyK%2FcG9%2F%2FFL1tCvQN6wIGgO6LE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77cccff92ee59b6e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		264 B
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18012&size_id=19&rp_floor=0.01&rf=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&p_screen_res=1600x1200&site_id=222238&zone_id=1092968&kw=rp.fastlane&tk_flint=index&rand=0.17965465674550596&alt_size_ids=15%2C44%2C10
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::21 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
c40e935b2bc1b0b1d6e745b29afe02b02e5c00844c3bc4894bb56d1c5635eb9e

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.carousell.com.hk
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
264
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		53 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:26 GMT
AN-X-Request-Uuid
c9c61372-5a23-4997-855a-0b686efc031a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.carousell.com.hk
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
53
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969574018282f99214fd0e62c60185&pos=8a969574018282f99214fd47f79d01ab&secure=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c66274bcfe27bed915e7bc0633d78063723154d012b5f079387bf07fa35047d9

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.carousell.com.hk
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969574018282f99214fd0e62c60185&pos=8a9690e7018282f98edafd49a04c01b7&secure=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
843e3eaeac8ae09be7885074476642ab31be36a18016d0701fde78b1ae9b736c

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.carousell.com.hk
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969574018282f99214fd0e62c60185&pos=8a9690e7018282f98edafd4a079401b8&secure=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
a818385591d327befbeb5b06dfaea9c113b7ac9537e1546d7379a3a9428e5d60

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.carousell.com.hk
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969574018282f99214fd0e62c60185&pos=8a969574018282f99214fd4a7f8601ad&secure=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
c0bd9f1873ba91ac085002d6715dd3121072e07bc9a7038cbe8deaf8c63df706

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.carousell.com.hk
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?cmd=bid&dcn=8a969574018282f99214fd0e62c60185&pos=8a9690e7018282f98edafd4adc6101b9&secure=1
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
f7801f6db6a53f2b27d1560d374a408e70201b5c09b58b6e9098a8512cd6380c

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.carousell.com.hk
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/ 		0
120 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=index-client
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.carousell.com.hk
date
Wed, 21 Dec 2022 01:23:24 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=126417887753142&ev=PageView&dl=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&rl=&if=false&ts=1671585806222&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.2.1671585806221.1035598061&it=1671585806024&coo=false&rqm=GET
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 21 Dec 2022 01:23:26 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
px.gif
ad-delivery.net/ 		43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42592
x-guploader-uploadid
ADPycdtcZgdRu0Dbe_-zY88bQ8eIM69ORy5rFnERfb9QLa8uwe4zq9JKKnYv9jLk9eVUM-X-OLZWrFIeMh91sZ7iOqav3FUDQGrE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqDSTYZ3V4OPxczZVC1GB2HWWRrNOReun%2FyLl8wKSQ99exN6DgB8j3sV%2F27CLX02wwlZsRdOSgtjDvIdmFXOpkFcZzr27XVg1Ix15qiTmdAyVXocOkryaRiOpHZw7VgEI%2BWHohEsJL70AeWt4A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
77cccff96ff1bb5b-FRA
expires
Tue, 20 Dec 2022 14:23:16 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 09:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57693
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 21 Dec 2022 09:21:53 GMT
px.gif
ad-delivery.net/ 		43 B
943 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.6824327880960477
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
42592
x-guploader-uploadid
ADPycdtcZgdRu0Dbe_-zY88bQ8eIM69ORy5rFnERfb9QLa8uwe4zq9JKKnYv9jLk9eVUM-X-OLZWrFIeMh91sZ7iOqav3FUDQGrE
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=82SCVTyWWAl9qpLNn81WiWLTERNSCsP%2BqGjV4eLLnmVwqnzxyVlU9QdiXg85bwvLjdI2vwZugdFlq22NfpusIkESRBjYO0ErIS%2BLkeCaZzQ6WX5nkeB4O46jL8MLizPFOt7d5CnLcHPOuXd9jA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
77cccff96ff4bb5b-FRA
expires
Tue, 20 Dec 2022 14:23:16 GMT
syncframe
gum.criteo.com/ Frame 77E5 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.carousell.com.hk&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=78288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.carousell.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:23:25 GMT
server
Kestrel
server-processing-duration-in-ticks
723812
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
country
api.btloader.com/ 		16 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/country
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
via
1.1 google
vary
Origin
content-type
application/json
access-control-allow-origin
*
cache-control
private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
pv
api.btloader.com/ 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/pv?tid=KcfN579EB&w=5719922596904960&o=4600937392898048&cv=2.1.03-1-g6247d5c&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&sid=BREQQZ1GL&upapi=true
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 21 Dec 2022 01:23:26 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
open
api2.branch.io/v1/ 		275 B
636 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/open
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7b9c74527ea434e2f1394f3d225a202d4fe9fe3db38bcd9e8127dc5ca4759f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
x-branch-request-id
ed68e70512184e7ba2a4b1751cdf2af7-2022122101
content-length
275
x-amz-cf-id
e9ah0vb7MGYkrLf-VijBfB0PERpFlNDx6JjvtJH6YdiBYDsxDIcQsg==
sid
mug.criteo.com/ Frame 77E5
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=carousell.com.hk&sn=ChromeSyncframe&so=0&topUrl=www.carousell.com.hk&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=jmq4sXx3cjA5KzE1bjU1eDQxRERKY3p5RHBvOFpiN2ZSejJvaTJKOU9WNXNUcUZMV0ZFblE2aHM0R1BJc3NWS1ArZmhaczgybERGTTN1T1dKYU1xQ1RSdGFObFc3dFZnWjhEN3pTMXMremZONlliMjVNcjdyRlovK0F3RH...
452 B
672 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=jmq4sXx3cjA5KzE1bjU1eDQxRERKY3p5RHBvOFpiN2ZSejJvaTJKOU9WNXNUcUZMV0ZFblE2aHM0R1BJc3NWS1ArZmhaczgybERGTTN1T1dKYU1xQ1RSdGFObFc3dFZnWjhEN3pTMXMremZONlliMjVNcjdyRlovK0F3RHpSUmJ0NXB1b3M4eDl1WjBCWjJRVjk0c0ZwQ1c5OTlIbG5BUjd4aElWVVIvMFBzUEJuYlhXVC90elcycnRIV1lEOThBaFpTUnNUaTRQOWdNNVl5NmpkVS9aRE9sT20vN3k2ajIyaFpjZ1cwT3FUcTlRdDd5N3pDNFNYSXlSek5PbzA1UjZPc3VBNnlwMGNhVUI5YjBUK2I4QVRWTitVY3lxWmszdjV5MnZXZGpPdTFGWkcvWT18&cppv=2
Protocol
H2
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
12fb2dfa8ddad01b61cf997aec65535297f66216e84f37b3f3154397d063a134
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2349965
expires
0

Redirect headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:25 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=jmq4sXx3cjA5KzE1bjU1eDQxRERKY3p5RHBvOFpiN2ZSejJvaTJKOU9WNXNUcUZMV0ZFblE2aHM0R1BJc3NWS1ArZmhaczgybERGTTN1T1dKYU1xQ1RSdGFObFc3dFZnWjhEN3pTMXMremZONlliMjVNcjdyRlovK0F3RHpSUmJ0NXB1b3M4eDl1WjBCWjJRVjk0c0ZwQ1c5OTlIbG5BUjd4aElWVVIvMFBzUEJuYlhXVC90elcycnRIV1lEOThBaFpTUnNUaTRQOWdNNVl5NmpkVS9aRE9sT20vN3k2ajIyaFpjZ1cwT3FUcTlRdDd5N3pDNFNYSXlSek5PbzA1UjZPc3VBNnlwMGNhVUI5YjBUK2I4QVRWTitVY3lxWmszdjV5MnZXZGpPdTFGWkcvWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
668525
content-length
0
expires
0
conversion.js
www.googleadservices.com/pagead/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBXZNN7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f162.1e100.net
Software
cafe /
Resource Hash
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
6351308751113588399
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Dec 2022 01:23:26 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.carousell.com.hk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.carousell.com.hk
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1978005561745261&correlator=3707429997088533&eid=44761477&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=325540922%2CDesktop_Product_MPU_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C300x100%7C300x50%7C1x1&ifi=1&adks=1757973948&sfv=1-0-40&prev_scp=tcpt%3DTCPT_NL%26categoryIds%3D635%26parentCategoryID%3D111%26sitetype%3Dpwa&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1671585806574&lmt=1671585806&dlt=1671585804785&idt=1392&adxs=1136&adys=1233&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&frm=20&vis=1&psz=324x600&msz=324x0&fws=1540&ohw=324&ga_vid=2121875430.1671585806&ga_sid=1671585807&ga_hid=1923439897&ga_fc=true
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8d2c4e21d45d9a10ce1f2ad1d74d24334b148f1cf1f3a19091440eb4515729f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11262
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.carousell.com.hk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60ce25579493fe16f3758b7b53d7ef333d4e5431bc297879697e739952f79fdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11065
x-xss-protection
0
container.html
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7B27 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.carousell.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:23:26 GMT
expires
Thu, 21 Dec 2023 01:23:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
headerstats
as-sec.casalemedia.com/ 		0
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=420894&u=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&v=3
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdMfe63jaRClZIloBYfFbF6Z0tOM6DD%2FTho24Ov%2BQEJO5PZUOKU%2FcMnX7cGGrAFAodi4%2BRLoKBSAqwQCtHOuQAcdLvQNXmMzf252j0nn5YXxTVX8gxwf%2F%2Ff7ahkvXMBzGuS1VbIeTRk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77cccffb9ccd90fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1978005561745261&correlator=573389832939042&eid=44761477&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=325540922%2CDesktop_Product_MPU&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x100%7C300x50%7C1x1&ifi=2&adks=1617945776&sfv=1-0-40&prev_scp=tcpt%3DTCPT_NL%26categoryIds%3D635%26parentCategoryID%3D111%26sitetype%3Dpwa&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1671585806603&lmt=1671585806&dlt=1671585804785&idt=1392&adxs=1136&adys=995&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&frm=20&vis=1&psz=324x250&msz=324x0&fws=1028&ohw=324&ga_vid=2121875430.1671585806&ga_sid=1671585807&ga_hid=1923439897&ga_fc=true
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
262d3de9ff69ab2dc0614dd7bd7608b4a34e5a9a84509cde239120829e4e5500
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9106
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		24 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1978005561745261&correlator=2811973815430866&eid=44761477&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fif&iu_parts=325540922%2CDesktop_Product_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&ifi=3&adks=4083047336&sfv=1-0-40&prev_scp=tcpt%3DTCPT_NL%26categoryIds%3D635%26parentCategoryID%3D111%26sitetype%3Dpwa&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1671585806623&lmt=1671585806&dlt=1671585804785&idt=1392&adxs=315&adys=140&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&frm=20&vis=1&psz=970x48&msz=970x0&fws=1028&ohw=1520&ga_vid=2121875430.1671585806&ga_sid=1671585807&ga_hid=1923439897&ga_fc=true
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c5fdb3b1a3604bb180fcecbf4bd490f8ea9e7363e1a4afb911bd662d21a4c6f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10663
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
headerstats
as-sec.casalemedia.com/ 		0
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=420894&u=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&v=3
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TSy9vEA4haRYFz%2FvetRVi0aK%2Fb7if4iIRdIvjzhNxUz64%2F0S7WkcrQQEZzJcv27qEfJj82oZmc1L3UKBdWvT1N9RGa9AywX%2FJx8reYwiDaDKmtzTLrF9KiA8AxwwzENvlaxl35HYCA%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77cccffb9ccf90fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
headerstats
as-sec.casalemedia.com/ 		0
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=420894&u=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&v=3
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xWM2e9K520pT9ZCQkoBUqPRLbNP1iBcPY9n6xvwfW5Y%2BzwGtVmUMQncteyApIquqx%2FQRld7GS%2B4TTorZ4CZ8SnnDzKSYi%2FbWSI60UkIPiClwKXSVt7j8rTOnr9MifzTRyLT2tv7CSCs%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://www.carousell.com.hk
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
77cccffb9cd090fe-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/935048715/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/935048715/?random=1671585806647&cv=9&fst=1671585806647&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&tiba=BRAND%20NEW%20YSL%20COINS%20BAG%2C%20Luxury%2C%20Bags%20%26%20Wallets%20on%20Carousell&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95adb0f82a37f4266f03887af6990f927c1267b4e86071cf56d5e51bbe4a7ffe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
997
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
standard
api2.branch.io/v2/event/ 		29 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v2/event/standard
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
262785bc0d8a03b026882325ccf0a0e1a2e2ada6ed3cdcc7c86abf2b5580f281
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
ce964bd3-7481-4141-9c2a-a61434c4d52c-2022122101
content-length
29
x-amz-cf-id
IzT6oByZ0Lvpgu6MSFldGDl-gyo5ciX4uuW4HdwaZG6NQAwAX73Hpw==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 01:23:26 GMT
/
www.facebook.com/tr/ Frame 8810 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.carousell.com.hk
Referer
https://www.carousell.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.carousell.com.hk
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:23:26 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.google.com/pagead/1p-user-list/935048715/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/935048715/?random=1671585806647&cv=9&fst=1671584400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&tiba=BRAND%20NEW%20YSL%20COINS%20BAG%2C%20Luxury%2C%20Bags%20%26%20Wallets%20on%20Carousell&fmt=3&is_vtc=1&random=674947466&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/935048715/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/935048715/?random=1671585806647&cv=9&fst=1671584400000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130%2F&tiba=BRAND%20NEW%20YSL%20COINS%20BAG%2C%20Luxury%2C%20Bags%20%26%20Wallets%20on%20Carousell&fmt=3&is_vtc=1&random=674947466&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B1F0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.carousell.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
15533
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 20 Dec 2022 21:04:33 GMT
expires
Wed, 20 Dec 2023 21:04:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 32A3 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
087fa3b38029acd3f7b13a5f201aec29b76de1be9400c2351d9f553eac3f6175
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CUDS4EvRCcI6JApcmskfNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.carousell.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-CUDS4EvRCcI6JApcmskfNw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:23:26 GMT
expires
Wed, 21 Dec 2022 01:23:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
event
widget.as.criteo.com/
Redirect Chain
  • https://sslwidget.criteo.com/event?a=78288&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3D127871130&p3=e%3Ddis&adce=1&bundle=zffaYF8zVTJqWTVDbmphcGRWaXVyQ1lOR...
  • https://widget.as.criteo.com/event?a=78288&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3D127871130&p3=e%3Ddis&adce=1&bundle=zffaYF8zVTJqWTVDbmphcGRWaXVyQ1lOR...
8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.as.criteo.com/event?a=78288&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3D127871130&p3=e%3Ddis&adce=1&bundle=zffaYF8zVTJqWTVDbmphcGRWaXVyQ1lORThSamFBbW5oaVVRWjNYYnVJVVVldEFBelU5VElhamw1NGNZR1dIaHptViUyQmJnWVV4RlpmZURwRmxSQ2lxQW5tSklHWSUyRndzSFQ0TGxQNTRPSjV6eFlXJTJGRGdlbWFDZ3h4b1JOUERYUW83a1o4OWJQaXlSbEp5MmpldURmRHgwOXV1VndYZXAxYW5FNmtEcHdIeThvTGU2JTJCZyUzRA&tld=carousell.com.hk&dy=1&fu=https%253A%252F%252Fwww.carousell.com.hk%252Fp%252Fbrand-new-ysl-coins-bag-127871130%252F&dtycbr=12073
Protocol
H2
Server
182.161.74.16 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0f57d7911dbbcb2b4a12ae01085287b9050efecd95a8360276f6c15e69acd8c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
17296704
timing-allow-origin
*
expires
0

Redirect headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://widget.as.criteo.com/event?a=78288&v=5.12.3&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvp%26p%3D127871130&p3=e%3Ddis&adce=1&bundle=zffaYF8zVTJqWTVDbmphcGRWaXVyQ1lORThSamFBbW5oaVVRWjNYYnVJVVVldEFBelU5VElhamw1NGNZR1dIaHptViUyQmJnWVV4RlpmZURwRmxSQ2lxQW5tSklHWSUyRndzSFQ0TGxQNTRPSjV6eFlXJTJGRGdlbWFDZ3h4b1JOUERYUW83a1o4OWJQaXlSbEp5MmpldURmRHgwOXV1VndYZXAxYW5FNmtEcHdIeThvTGU2JTJCZyUzRA&tld=carousell.com.hk&dy=1&fu=https%253A%252F%252Fwww.carousell.com.hk%252Fp%252Fbrand-new-ysl-coins-bag-127871130%252F&dtycbr=12073
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
7734613
timing-allow-origin
*
content-length
0
expires
0
pageview
api2.branch.io/v1/ 		28 B
436 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:b000:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/ Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.carousell.com.hk/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Wed, 21 Dec 2022 01:23:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 c2b4a332b09677da722930ae336c8bfc.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-branch-request-id
6db1c4dfef8948a6b7967b7a576ad362-2022122101
content-length
28
x-amz-cf-id
BWxIV9swYXkZjuMO8v_UzKs3B4s9UalvO6mle_CRFl6GnJ6M3HdSXg==
sodar
pagead2.googlesyndication.com/pagead/ Frame 32A3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=1978005561745261&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame B1F0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35229
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 15:36:17 GMT
container.html
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F581 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.carousell.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:23:26 GMT
expires
Thu, 21 Dec 2023 01:23:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C0E1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.carousell.com.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:23:26 GMT
expires
Thu, 21 Dec 2023 01:23:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame 1ACE 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 15 Dec 2022 13:03:38 GMT
age
476389
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Dec 2023 13:03:38 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1ACE 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 18 Dec 2022 00:07:13 GMT
age
263774
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 18 Dec 2023 00:07:13 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1ACE 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 19 Dec 2022 03:15:31 GMT
age
166076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 19 Dec 2023 03:15:31 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1ACE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 18 Dec 2022 13:38:30 GMT
age
215097
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 18 Dec 2023 13:38:30 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame 1ACE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sun, 18 Dec 2022 13:46:16 GMT
age
214631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 18 Dec 2023 13:46:16 GMT
truncated
/ Frame 1ACE 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6757e58ca6b4e011ea9df07b404d98d4167bc855ea779a4d397f2971fa0dd1e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
10748221438626505548
tpc.googlesyndication.com/simgad/ Frame 1ACE 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10748221438626505548?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkRjrThFEEP8k7bafafr7AcrTj24A
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61822ff1ee4c1c154e32bf4649434ad1556250bb36d3af57dfbb00bc9b9388c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 20:29:08 GMT
x-content-type-options
nosniff
age
104059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97236
x-xss-protection
0
last-modified
Fri, 12 Aug 2022 03:21:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 19 Dec 2023 20:29:08 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1ACE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 19:39:38 GMT
x-content-type-options
nosniff
server
cafe
age
20629
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Wed, 21 Dec 2022 19:39:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 1ACE 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 10:22:22 GMT
x-content-type-options
nosniff
server
cafe
age
54065
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Wed, 21 Dec 2022 10:22:22 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 1ACE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CYQ3sDmCiY7CnJsHl3gPq9JCYCL6e6u9spY3V-JcQ2tkeEAEg4sPIPGCVgoCAoAegAc2Fk_MCyAEC4AIAqAMByAMIqgT1AU_QVwxIjA7FSRwA-weP6d9siWpO2AjzUpoKi32v4vh457oCMk6JqzIvv3RouJRUdAsyXVk7iZnggaw9OVAsGR7jQ33GMZAS-L10GyDIBOc6I_nqPSl9vhAZ7myNlThbyOkWWCUq2oWM6OR2GqOYamN17vd2WXedPCfdN6QGLm5jGE4oOCzUYlpMDNhCOUiBXADRSjSIuPRjLroA6CUu2XQmw5sW1685-R31s2KZPDxplFbHhiCcnZ2eUj1WbBwENp2Fvq22xSWXuPsyrJPpU1bJQJ3IAoYSpx0lneA3nlTLzrRKwkn8HRBX4tpsiCb1nJ6AEP1fwATPvPLmlQTgBAGSBQQIBBgBkgUECAUYBKAGAoAHxaKsmQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDf0wPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDNAVAYAXAbIXHgocCAASFHB1Yi0zODgwNjYxNDUxNDAwMTQxGLKhIA&sigh=VSXnNSrU5LA&uach_m=[UACH]&cid=CAQSSwDq26N9tRGpKVr25VsRutD5OLMrjOppck55lbdarnBgbs4sE55rREF69MFMauP0oDW3P1S6Nk0InpDYD4DZ2-COOMyw-5VbTEu0mBgBIBM
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame C0E1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CmtBXDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT0AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-I9jhDR_exFsIk3fTZvOOv1BfdC6P7eRdSD8eky7IZsekz-FrFwTgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTM4ODA2NjE0NTE0MDAxNDEYsqEg&sigh=BCqmJWu9av4&uach_m=[UACH]&cid=CAQSSwDq26N9S9_NT5WBxNrmGpAxF75QBLoxsEvw4yn0Su30787mvg29wK6DiTx9TYN3RGIgtR0zvwQRm91Qg66Spr7S8zRwudDAzAR_OxgBIBM&tpd=AGWhJmuaUJ2oQUfj6Vq2Y0sOhDje6U5Te-U5ltx4w0Izj9inFa7WZTW5W4gaIyeM80rL_7yojOQiWA96vgmyTOava63mqVnzw8xmVbhEXBneG6yzc-TQYi6tGAq6Oway36TFXO28y45zu4PVL77Pnj5e0qvL99y25lMCqQTRAFg7lN-Y-zXrBlCS1CHEuzT38u_8O9oK_pWPDleE8NmrNyO2q7Kt7bgrj8Di3HCwiG99kPDl12arPI1015uHSuLunovDfc3_aIUJ2xpTmKHpOy25DW4r5I8G2WeJ2eWY-ugBy5GgGEmgXSiXmYpbTCuEGYhc4CrkiO2JS3Z3irIaUHb73WhBZDrNu4W8aQS1azgbieZ1R_UVPCCn2ADGZQToq-G14CpM-GZn3CldJNVUm3XXybVk5G2YsCORzH10A3lnKfJxWx93A1-yKn4Snze8Y9kKnxm8PvxEq8ka_BWYqLT2UHlMSOVQK5FdbyHhpPCJVCKf5zvCcQgKZofqg3iqscide3KQDbb9BVx-dAw80BPPphClcRg9XFfFze9GKy3mTco1muI-ld77e-drTpDCyArqoEQzqaDsXFg-po75VeFHYlRaM8XtoCEdPyG2Um8Q4OsFv7Bqkx7TxLTastKdv0nS92R4daV_yvH8TQVbSR2qKBuboBaWXt5QPzfFfA7nhCU9Te3r56lmPxLCDNtxbdm7wukS8I-YNRdpFZ3-xekX6Sik0JH-D3KD4r3UmpgcCHOZHuX5o-utjGHdbmbotWi1M0CQzoTvG1jfq_ZrI-iDcLgbvzChkMR4xYfqKX4Qs7sosYlGbEdMNgh3JWa63ZANKtbEhnjHZ_q6U0kDZ4m2lYMrA5NermyfN9vdWAxDIDF1FYSQyIkfeM5ViZNJMIpFK5mgB-MoKMnPMtTg2noADQPhHEHNILQ7OjrcUR2lvRnHvNpX4UJYTlKak_Zkq7rU4zLbCatAT7OS0Ig0mVjifpLkdQ57VMb-Pwq_oM_bvdaK4uH9OYsnPO1uHX9JNr2FjgvnfpotbL3nONVCGIhh-ovBSCGLwfd1ktSDL-Tok0LZyQWH0EDxbkShHFfaRftlAzSRfL6P6UlxiB6aK-O9lOM3gmYIWwHYKwEpkEF1NQQ57g
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
js
tags.mathtag.com/notify/ Frame C0E1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJJMlkyWTVaRFl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MjI0NTk0OTYyOTMzMTQ0MTQvNjYyMjMzNS80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1X0FJdkJxS09KRzlCS19uSW92SDUtWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTIyNDU5NDk2MjkzMzE0NDE0L3pyaC8wLzkzLzkvOTk5LzMyMi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2NzE1ODU4MDYvMTY3MTU5ODQwNi80L3B1Yi0zODgwNjYxNDUxNDAwMTQxLw/Lpx_P-LU2sLAeY-yuFzxNIYoM9o&nodeid=3741&group=zrh&auctionid=7522459496293314414&pbs_auctionid=7522459496293314414&shardkey=7522459496293314414&sid=4562306&cid=6622335&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.24&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%26client%3Dca-pub-3880661451400141%26adurl%3D
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
52e79f865eac5e2adae588cc685421878f63f5d4bbe7f814eedba611d6c843db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
x-mm-nodeid
3741
Content-Encoding
gzip
x-mm-bid-request-time
1671585806
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Connection
close
x-mm-handled-by-owner
true
Last-Modified
Wed, 21 Dec 2022 01:23:26 GMT
Server
MMBD/3.374.2
x-mm-latency
35 (0)
Content-Type
application/x-javascript; charset=UTF-8
x-mm-dbg
NotCount
Cache-Control
no-cache
x-mm-host
cdg-router-x40, zrh-bidder-x128
x-mm-lag
1
Expires
Wed, 21 Dec 2022 01:23:26 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C0E1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
16449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 20:49:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame C0E1 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
30682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 16:52:05 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame C0E1 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 22:03:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
530390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 14 Dec 2023 22:03:37 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C0E1 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 01:23:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame B1D5 		624 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWJ4rdeoJ48adI7JEQNOGiBI4R_u55VH56BbdAW-2muyZ3cCgnek1tUZsf9nlpzwTzCbd_eZf244Piw7j1W5SzKnziWLtklxaAGwYZ2svmy1emQ4ZQKemf7bjv4pHmRjYcK2NhWAGTP75UA_Wt4NwdNOLm672YXBI8OIv00Ky-lYBdo6mo
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:23:27 GMT
expires
Wed, 21 Dec 2022 01:23:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F581 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMYQfZC0ZuVHe7Xma2q85pYYFqjQtXde-20Hg_X_oyTQb_5-2FinmEeVFIZ0c9c06HIxAOzBzjZGkqzMmxCTS-CsqiSn7BLozSGtuOdtFd6tqQ6ABLvFqh9zQuUHoJKmqx_MPZrKcOeTfXMG0h5w6av8kWQPZGBfo6GRtgwzGH87X6cHI&cry=1&dbm_d=AKAmf-CInsC_660hFcFoGjzp2VW0IkPy-q_jPGffERHA2b6BBvsFVTob6EukGov7EfzUsQuadBaUZ7E_TUap3LrrV0goofYI1hVmOaJYwQymesSEDCv8jL4k2C8oW2o4OKVHoMMPCkP152hWUrT3KbD3fF-xIvdPIi_ejToE4lVYtPRU98S_hdl26cGENCtqYNZrtLRmbHWUbGgFYO8hln9hKgwY6XS_AFrl38EeILxaX1j-v-JsVzZCCAkNxP08nvzkHhbA35L1qi4re-K-Axa2WxBzqzzvs_OOzgB0pnjdBJiVKCL8hGgSS2sLrQlOZTdqsoGdIeh8SDpng955UoDgl877bRhOXRbZXd3tg4EcnWw-MzAjEqOSOBP1_wUC8QeHY8o-AwRuEx8zl7VDQ0AsdqQpftXDEDhtSmCJS5qPuwWL51wU866uxNrSjmqjNnVhwKBzkx9B0fPznksI-is2NU-yCn-SPUpufq8BYovoQxT0L2oYn_MNQ4TKCEa4-OVEWxooOagLKTWvQd8W_Niy0bT5Pzj64Rg1uiS2GY6_TUMT185x_ojVh1BUCmzQckRmvoQWd_CK9pkn-QJMfp-Y97gM8izk5dPPlipTDI5mpP-rkvF399g4GhXK9JXXyrectmw-dUors3bTfupheUMBbeTobSBXyso3kLI_l_cMcZgtYieP1mDFOeBxBq1nhoCoOPasvGbsOcAzSUh2VV9-ZRO6g0dc81TMAs55db53UwxuHBEciJ4E0YmPGDJcVg1Wc62vdtLzJ_1Ue6D_weA1UP_QPlcbaLlWAhvnBrCCm_bfV7zerp86D3FaH0nnJWedjGWx4fLNseaNEyveYh66kNuxkNFG3cHUbIXuKaApbiKDQB7SDkjtRz7nknTrpb1POvWQ7grSvppES9KJAkw2zdDQD1xlQWyjFKM9l9KtMO2GCgK1IMUVA59_PPT1Uheg7Tt6OYfkt4ojVWWRCqKuvmIykPmGT4x9Q-Jt9_6ZaS3tSi-eAp1VmiX0xeKESAfit3sYMFDFMWoixf5eY3ci-VUlqD2jQCHoM5W8xmDTM4162lneZ-p3FL92DqqSC7wcWnAsR3pT5qNWrejrS6FPxFB7S4UUTz1oAjlB49ScF7AuTFWnWzCsLFiysiX7f-DD5wwSc285NfWFJwpENU4eFhRkVF0So3QZ7prZclmA40eUDPtJ_YX0jsEo0CL1FLd60nl6dWhhwTLiVeEKyFkGZKlB2WIPYGwxJGagttiU9Cex7TWIluRWi5kpErwmsZM5txHofg8iDT14utLZPL2GQGRD_gu9nf3bKjScFzxroIvHbRaY7JYYHOzMKUTq7bJqcZztzfEQL4Q0IJmGSKmDcUZpijTkpl-GvakuD8b73GxuCAZuSKboWDdJDxcm9Rr8SFJLdNzDjWEwkGHIPOvkVg8FGB0PHqkXGujmRJBsIeifftlxdrs-6zYQS1vQ3tYuCOUpCp_HvMMlwzB0lThF7_zmQkFaJijIryQCpbjdnQKs7TPN_DHAGM3pl5yfH6-0eSG3JNvUxmfqDobWzne1LLb9Uk5hh_whcDrg5xlEuLuBgLplxbhRUQf2OjK8tl72dYiM5u7n9sZz81PYpuVyGjcVjLKyZbF7aAnXPhFHKDW0bS8tgqCDzmmkZS3NxNArau6RYsCHbM2gnAvy08Mh0JBMNRGQ-cUmzKgQQt59d9WozzyTrgBLkSwh5-6TSfDa-kaFcqjX7rfH97DHmppAhzwAWKO-rpj75A9CbRYvye_rbl25XgFu_C9pgiib6O1JfJujsd-RwqsJ8YD4OFYoDnQqvmsSUZyvxX5a6J9pCQ6doIey1bXLdf8_I-3ekj-tPWZbh0zkROjaloSIXSv8osxqO6LY9hiZZQmKyRq6KfBP1WMWLITaHNGSu13P2WqnEUjuxnBcRSUDLtQuu4DJX0mnlOP3QMBlREd4KY8DzDAYNCBXa95vZZ-17SqvTjCnbwzCd77stfxrubZ5j8bHj2wVtIHXLKKATKO_4qCjnlUids0h7lFHbJcnFQGVcNixbkiXoj-B5yszQRUC4n6kcfya8LUPCllCwzmhO7sOGYGz3F0j2b6bWmx3uHrNA824PIdlk5OokPiXrAQ8xn6-FgXstAax0SKvmfTBngHF4R9Gu6meNhuwksDWQ8HWvp1XAoCZLxx0rbzYuhmVML3ztMkIZUeuBO_caOq50Us6bqYglhnGq4JX5AV1Df7oiESrPn5kKePfkG0AgMwhOg0jfl2feGov0xg7A9Lgj2bWb8kR8JinaehAyoTxhpNMKDt5SVV8tbkgFLK_TLuY-3yidebj-DmOK6eQ0NFJcba_KNlde5EgsREDpEzOvAFlxUpy3bMSLZ57EtOi9d5YSmaWiFhLI7cucO4dqlruul6d_G9-UGnflVZH4K3DhXJtyefZqmmFnlaM-i92y7SF6J_jGuCF1qecwR1B6R0VEKrlXKLSpi3ow7nDbPdKmAST2ULh5myFDtedebDEgPKnGLpQn-P8hPB5gwTEzuqPIX8iavqxeMUC8NrpxseoZEhTeJ0azCl9YSBBK9EES7jGHyf-_k_9o-QmmI_xNS5QDPlZ2un3JI1vKrrh2rLAnmo04vV65VSKOTT21GNC_q48ZNc57P0AvETCZ8_t7_aZuT1nf0x-0dv71wBHC76TncKVWkED0ALCaSCUg55nnQ3IhEsV4DsMkv1-clZ0qIzj76Mu5-RVIspMhm8nXjtjS6Ly8x91Bg9BWHZG3__tDEr6HyGkhybMz0gCyObWQgMKjtB3kmBbxSYnXfxkSksO7shBoUe0bPy4Rm9wvx4tTy02r_-ouxx64dBpjni7hu3ZVENjEvFqjAzkySf41qJdLuccBTMVJserW71KpsHRy2PCCjYBbQDZSMG3k5vJpVY5nUCw78yStJS82IvJrLbv8fapVKUde19FdGgpfcXcw2mmOxeAAXufA5VGXGsQ_u7vyf0-1Ny_UfHeeUxd-r3ywdtHlc-k5aCTVUi9ZQDZFV8LsxRI4qiAxeObOq5Y7ZRvM-Uvv12_I703rkNymo-efXMe98WuuE5YZWWKBwo90WfxSYNwLjL3VyRindDdboEJ0ZhX7WTIOg_S-QSYrCyTpnBRjtjgmUO5zTH6qtI3pWezgrCQmHU9YLU5uY4B3zwXw76kZ3Rt8eE2BMpvHBCVo8LUnhbI1RQzrmk8ahvx4Z8o98YzJZMTTSNROK8XFCBgQ6IIJ5g-qfT1LPiZHsbkzW22BiGKPZLl3qY1D6LCVg-RFlL2Xd5SxuTiF7TyZEt-cferFLZB0VFC0uS97jF1B5inXWTwMGaaCnYinTHdCaVvJxoXBfVkz0loc-MwD1xRZBlx4khIx1fNHYKQf_3agPdZBUcS3Lw8Q41gNJ81swEeBu-0cBz3wdsILA&cid=CAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT&rfl=1%2Chttps%253A%252F%252Fwww.carousell.com.hk%252F%240
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c3d35404207b1fe085181b6ec820be2b5e91c5878c4116355c2b67e5f5cdbca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11356
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F581 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DtnywK-9kv7xPdZzkmDaIVWn-i3J-2e3FnM7BI1VyXfWFSFQTB0qLuSY0F1aBwby9Fn2ThUije_qr9zt6c5DcfkVMJXdwG1C0ut4Y7DFOdLyROfik
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F581 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 20:49:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
16449
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 20:49:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame F581 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 16:52:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
30682
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 03 Jan 2023 16:52:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F581 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 21 Dec 2022 01:23:27 GMT
generate_204
tpc.googlesyndication.com/ Frame B1F0 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?FWECOA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rum
dsum-sec.casalemedia.com/ Frame B1D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL1blpNKcuDUs6jGCg37RCc&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL1blpNKcuDUs6jGCg37RCc&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEL1blpNKcuDUs6jGCg37RCc&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWJ4rdeoJ48adI7JEQNOGiBI4R_u55VH56BbdAW-2muyZ3cCgnek1tUZsf9nlpzwTzCbd_eZf244Piw7j1W5SzKnziWLtklxaAGwYZ2svmy1emQ4ZQKemf7bjv4pHmRjYcK2NhWAGTP75UA_Wt4NwdNOLm672YXBI8OIv00Ky-lYBdo6mo
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEL1blpNKcuDUs6jGCg37RCc&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame B1D5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y6JgD9waWPXCBnavnA02SQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGvoOOWOgbGjgmu19lDRUtg&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGvoOOWOgbGjgmu19lDRUtg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWJ4rdeoJ48adI7JEQNOGiBI4R_u55VH56BbdAW-2muyZ3cCgnek1tUZsf9nlpzwTzCbd_eZf244Piw7j1W5SzKnziWLtklxaAGwYZ2svmy1emQ4ZQKemf7bjv4pHmRjYcK2NhWAGTP75UA_Wt4NwdNOLm672YXBI8OIv00Ky-lYBdo6mo
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:27 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGvoOOWOgbGjgmu19lDRUtg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame B1D5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHt9r4ZmljLiVL__A2OjeC0&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHt9r4ZmljLiVL__A2OjeC0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWJ4rdeoJ48adI7JEQNOGiBI4R_u55VH56BbdAW-2muyZ3cCgnek1tUZsf9nlpzwTzCbd_eZf244Piw7j1W5SzKnziWLtklxaAGwYZ2svmy1emQ4ZQKemf7bjv4pHmRjYcK2NhWAGTP75UA_Wt4NwdNOLm672YXBI8OIv00Ky-lYBdo6mo
Protocol
HTTP/1.1
Server
185.89.210.82 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:27 GMT
AN-X-Request-Uuid
139bb401-edda-4bc3-9292-8a442b7d29d6
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHt9r4ZmljLiVL__A2OjeC0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B1D5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyNTIwNTMyMjA1NzU4MDU2Ng%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyNTIwNTMyMjA1NzU4MDU2Ng%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjbobvGATAB&v=APEucNWJ4rdeoJ48adI7JEQNOGiBI4R_u55VH56BbdAW-2muyZ3cCgnek1tUZsf9nlpzwTzCbd_eZf244Piw7j1W5SzKnziWLtklxaAGwYZ2svmy1emQ4ZQKemf7bjv4pHmRjYcK2NhWAGTP75UA_Wt4NwdNOLm672YXBI8OIv00Ky-lYBdo6mo
Protocol
H2
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
764a40cf-782c-4449-8435-80473abcb12d
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDUyNTIwNTMyMjA1NzU4MDU2Ng%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1ACE
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Redirect headers

date
Wed, 21 Dec 2022 01:23:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F581 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMYQfZC0ZuVHe7Xma2q85pYYFqjQtXde-20Hg_X_oyTQb_5-2FinmEeVFIZ0c9c06HIxAOzBzjZGkqzMmxCTS-CsqiSn7BLozSGtuOdtFd6tqQ6ABLvFqh9zQuUHoJKmqx_MPZrKcOeTfXMG0h5w6av8kWQPZGBfo6GRtgwzGH87X6cHI&cry=1&dbm_d=AKAmf-CInsC_660hFcFoGjzp2VW0IkPy-q_jPGffERHA2b6BBvsFVTob6EukGov7EfzUsQuadBaUZ7E_TUap3LrrV0goofYI1hVmOaJYwQymesSEDCv8jL4k2C8oW2o4OKVHoMMPCkP152hWUrT3KbD3fF-xIvdPIi_ejToE4lVYtPRU98S_hdl26cGENCtqYNZrtLRmbHWUbGgFYO8hln9hKgwY6XS_AFrl38EeILxaX1j-v-JsVzZCCAkNxP08nvzkHhbA35L1qi4re-K-Axa2WxBzqzzvs_OOzgB0pnjdBJiVKCL8hGgSS2sLrQlOZTdqsoGdIeh8SDpng955UoDgl877bRhOXRbZXd3tg4EcnWw-MzAjEqOSOBP1_wUC8QeHY8o-AwRuEx8zl7VDQ0AsdqQpftXDEDhtSmCJS5qPuwWL51wU866uxNrSjmqjNnVhwKBzkx9B0fPznksI-is2NU-yCn-SPUpufq8BYovoQxT0L2oYn_MNQ4TKCEa4-OVEWxooOagLKTWvQd8W_Niy0bT5Pzj64Rg1uiS2GY6_TUMT185x_ojVh1BUCmzQckRmvoQWd_CK9pkn-QJMfp-Y97gM8izk5dPPlipTDI5mpP-rkvF399g4GhXK9JXXyrectmw-dUors3bTfupheUMBbeTobSBXyso3kLI_l_cMcZgtYieP1mDFOeBxBq1nhoCoOPasvGbsOcAzSUh2VV9-ZRO6g0dc81TMAs55db53UwxuHBEciJ4E0YmPGDJcVg1Wc62vdtLzJ_1Ue6D_weA1UP_QPlcbaLlWAhvnBrCCm_bfV7zerp86D3FaH0nnJWedjGWx4fLNseaNEyveYh66kNuxkNFG3cHUbIXuKaApbiKDQB7SDkjtRz7nknTrpb1POvWQ7grSvppES9KJAkw2zdDQD1xlQWyjFKM9l9KtMO2GCgK1IMUVA59_PPT1Uheg7Tt6OYfkt4ojVWWRCqKuvmIykPmGT4x9Q-Jt9_6ZaS3tSi-eAp1VmiX0xeKESAfit3sYMFDFMWoixf5eY3ci-VUlqD2jQCHoM5W8xmDTM4162lneZ-p3FL92DqqSC7wcWnAsR3pT5qNWrejrS6FPxFB7S4UUTz1oAjlB49ScF7AuTFWnWzCsLFiysiX7f-DD5wwSc285NfWFJwpENU4eFhRkVF0So3QZ7prZclmA40eUDPtJ_YX0jsEo0CL1FLd60nl6dWhhwTLiVeEKyFkGZKlB2WIPYGwxJGagttiU9Cex7TWIluRWi5kpErwmsZM5txHofg8iDT14utLZPL2GQGRD_gu9nf3bKjScFzxroIvHbRaY7JYYHOzMKUTq7bJqcZztzfEQL4Q0IJmGSKmDcUZpijTkpl-GvakuD8b73GxuCAZuSKboWDdJDxcm9Rr8SFJLdNzDjWEwkGHIPOvkVg8FGB0PHqkXGujmRJBsIeifftlxdrs-6zYQS1vQ3tYuCOUpCp_HvMMlwzB0lThF7_zmQkFaJijIryQCpbjdnQKs7TPN_DHAGM3pl5yfH6-0eSG3JNvUxmfqDobWzne1LLb9Uk5hh_whcDrg5xlEuLuBgLplxbhRUQf2OjK8tl72dYiM5u7n9sZz81PYpuVyGjcVjLKyZbF7aAnXPhFHKDW0bS8tgqCDzmmkZS3NxNArau6RYsCHbM2gnAvy08Mh0JBMNRGQ-cUmzKgQQt59d9WozzyTrgBLkSwh5-6TSfDa-kaFcqjX7rfH97DHmppAhzwAWKO-rpj75A9CbRYvye_rbl25XgFu_C9pgiib6O1JfJujsd-RwqsJ8YD4OFYoDnQqvmsSUZyvxX5a6J9pCQ6doIey1bXLdf8_I-3ekj-tPWZbh0zkROjaloSIXSv8osxqO6LY9hiZZQmKyRq6KfBP1WMWLITaHNGSu13P2WqnEUjuxnBcRSUDLtQuu4DJX0mnlOP3QMBlREd4KY8DzDAYNCBXa95vZZ-17SqvTjCnbwzCd77stfxrubZ5j8bHj2wVtIHXLKKATKO_4qCjnlUids0h7lFHbJcnFQGVcNixbkiXoj-B5yszQRUC4n6kcfya8LUPCllCwzmhO7sOGYGz3F0j2b6bWmx3uHrNA824PIdlk5OokPiXrAQ8xn6-FgXstAax0SKvmfTBngHF4R9Gu6meNhuwksDWQ8HWvp1XAoCZLxx0rbzYuhmVML3ztMkIZUeuBO_caOq50Us6bqYglhnGq4JX5AV1Df7oiESrPn5kKePfkG0AgMwhOg0jfl2feGov0xg7A9Lgj2bWb8kR8JinaehAyoTxhpNMKDt5SVV8tbkgFLK_TLuY-3yidebj-DmOK6eQ0NFJcba_KNlde5EgsREDpEzOvAFlxUpy3bMSLZ57EtOi9d5YSmaWiFhLI7cucO4dqlruul6d_G9-UGnflVZH4K3DhXJtyefZqmmFnlaM-i92y7SF6J_jGuCF1qecwR1B6R0VEKrlXKLSpi3ow7nDbPdKmAST2ULh5myFDtedebDEgPKnGLpQn-P8hPB5gwTEzuqPIX8iavqxeMUC8NrpxseoZEhTeJ0azCl9YSBBK9EES7jGHyf-_k_9o-QmmI_xNS5QDPlZ2un3JI1vKrrh2rLAnmo04vV65VSKOTT21GNC_q48ZNc57P0AvETCZ8_t7_aZuT1nf0x-0dv71wBHC76TncKVWkED0ALCaSCUg55nnQ3IhEsV4DsMkv1-clZ0qIzj76Mu5-RVIspMhm8nXjtjS6Ly8x91Bg9BWHZG3__tDEr6HyGkhybMz0gCyObWQgMKjtB3kmBbxSYnXfxkSksO7shBoUe0bPy4Rm9wvx4tTy02r_-ouxx64dBpjni7hu3ZVENjEvFqjAzkySf41qJdLuccBTMVJserW71KpsHRy2PCCjYBbQDZSMG3k5vJpVY5nUCw78yStJS82IvJrLbv8fapVKUde19FdGgpfcXcw2mmOxeAAXufA5VGXGsQ_u7vyf0-1Ny_UfHeeUxd-r3ywdtHlc-k5aCTVUi9ZQDZFV8LsxRI4qiAxeObOq5Y7ZRvM-Uvv12_I703rkNymo-efXMe98WuuE5YZWWKBwo90WfxSYNwLjL3VyRindDdboEJ0ZhX7WTIOg_S-QSYrCyTpnBRjtjgmUO5zTH6qtI3pWezgrCQmHU9YLU5uY4B3zwXw76kZ3Rt8eE2BMpvHBCVo8LUnhbI1RQzrmk8ahvx4Z8o98YzJZMTTSNROK8XFCBgQ6IIJ5g-qfT1LPiZHsbkzW22BiGKPZLl3qY1D6LCVg-RFlL2Xd5SxuTiF7TyZEt-cferFLZB0VFC0uS97jF1B5inXWTwMGaaCnYinTHdCaVvJxoXBfVkz0loc-MwD1xRZBlx4khIx1fNHYKQf_3agPdZBUcS3Lw8Q41gNJ81swEeBu-0cBz3wdsILA&cid=CAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT&rfl=1%2Chttps%253A%252F%252Fwww.carousell.com.hk%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 16:52:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
117082
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 16:52:05 GMT
s2gk7r78n0fa
hal9000.redintelligence.net/zone/ Frame C0E1 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/s2gk7r78n0fa?subid=&gdpr=1&gdpr_consent=li&rnd=7522459496293314414&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPR6t33mrTJhGlSmLhjWoZQ%26exch_seat%3D20035004448%26mt_aid%3D7522459496293314414%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_cid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%2526client%253Dca-pub-3880661451400141%2526adurl%253D%26redirect%3D
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
4161345049eee66e715f67a3eeb5854939968fae342649e80973f3827dd1d2ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3394
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
ck-confirm
tags.mathtag.com/ Frame C0E1 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/ck-confirm?bid_id=7522459496293314414&node_id=3741&exch_id=4
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJJMlkyWTVaRFl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MjI0NTk0OTYyOTMzMTQ0MTQvNjYyMjMzNS80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1X0FJdkJxS09KRzlCS19uSW92SDUtWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTIyNDU5NDk2MjkzMzE0NDE0L3pyaC8wLzkzLzkvOTk5LzMyMi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2NzE1ODU4MDYvMTY3MTU5ODQwNi80L3B1Yi0zODgwNjYxNDUxNDAwMTQxLw/Lpx_P-LU2sLAeY-yuFzxNIYoM9o&nodeid=3741&group=zrh&auctionid=7522459496293314414&pbs_auctionid=7522459496293314414&shardkey=7522459496293314414&sid=4562306&cid=6622335&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.24&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%26client%3Dca-pub-3880661451400141%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x50, zrh-bidder-x128
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 21 Dec 2022 01:23:26 GMT
analytics.js
s.update.mediamathtag.com/2/619621/ Frame C0E1 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130&ui=cb6cf9d6-0000-0000-0000-000000000000&ap=&ti=7522459496293314414&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&pp=pub-3880661451400141&sr=4&de=43003&si=781327868&dm=970x250&ac=651871&cr=6622335&ai=216536&c1=4562306&r1=2001:1b60:2::&r2=&r3=
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJJMlkyWTVaRFl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MjI0NTk0OTYyOTMzMTQ0MTQvNjYyMjMzNS80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1X0FJdkJxS09KRzlCS19uSW92SDUtWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTIyNDU5NDk2MjkzMzE0NDE0L3pyaC8wLzkzLzkvOTk5LzMyMi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2NzE1ODU4MDYvMTY3MTU5ODQwNi80L3B1Yi0zODgwNjYxNDUxNDAwMTQxLw/Lpx_P-LU2sLAeY-yuFzxNIYoM9o&nodeid=3741&group=zrh&auctionid=7522459496293314414&pbs_auctionid=7522459496293314414&shardkey=7522459496293314414&sid=4562306&cid=6622335&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.24&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%26client%3Dca-pub-3880661451400141%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
1077a51d11b7574513663f84234cd5ffeb8a0d1f69b2f873efbffc8f5109c417
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
*
Content-Type
text/javascript; charset=utf-8
Cache-Control
no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Timing-Allow-Origin
*
Content-Length
3026
Expires
0
img
pixel.mathtag.com/event/ Frame C0E1 		43 B
404 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=7522459496293314414&v3=651871&v4=4562306&v5=6622335&mt_nsync=1&no_attr=1
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJJMlkyWTVaRFl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MjI0NTk0OTYyOTMzMTQ0MTQvNjYyMjMzNS80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1X0FJdkJxS09KRzlCS19uSW92SDUtWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTIyNDU5NDk2MjkzMzE0NDE0L3pyaC8wLzkzLzkvOTk5LzMyMi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2NzE1ODU4MDYvMTY3MTU5ODQwNi80L3B1Yi0zODgwNjYxNDUxNDAwMTQxLw/Lpx_P-LU2sLAeY-yuFzxNIYoM9o&nodeid=3741&group=zrh&auctionid=7522459496293314414&pbs_auctionid=7522459496293314414&shardkey=7522459496293314414&sid=4562306&cid=6622335&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.24&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%26client%3Dca-pub-3880661451400141%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.168.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-207.deploy.static.akamaitechnologies.com
Software
MT3 277 3f0ad7a master zrh-pixel-x12 config:1.0.0 /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Server
MT3 277 3f0ad7a master zrh-pixel-x12 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Cache-Control
no-cache
Connection
keep-alive
Content-Length
43
Expires
Wed, 21 Dec 2022 01:23:26 GMT
img
tags.mathtag.com/event/ Frame C0E1 		49 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=7522459496293314414&st=4562306&time=1671585807&nodeid=3741
Requested by
Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvWTJJMlkyWTVaRFl0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3Lzc1MjI0NTk0OTYyOTMzMTQ0MTQvNjYyMjMzNS80NTYyMzA2LzQvREhTQzNzbG9TcnFoOXpyclIxRHU1X0FJdkJxS09KRzlCS19uSW92SDUtWS8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC83NTIyNDU5NDk2MjkzMzE0NDE0L3pyaC8wLzkzLzkvOTk5LzMyMi8yMDAxOjFiNjA6Mjo6LzAuMDAwLzE2NzE1ODU4MDYvMTY3MTU5ODQwNi80L3B1Yi0zODgwNjYxNDUxNDAwMTQxLw/Lpx_P-LU2sLAeY-yuFzxNIYoM9o&nodeid=3741&group=zrh&auctionid=7522459496293314414&pbs_auctionid=7522459496293314414&shardkey=7522459496293314414&sid=4562306&cid=6622335&bp=a_aiebbd&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.24&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%26client%3Dca-pub-3880661451400141%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.374.2 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Server
MMBD/3.374.2
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
cdg-router-x110, zrh-bidder-x128
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Wed, 21 Dec 2022 01:23:26 GMT
iju9wczm8trb
hal9000.redintelligence.net/zone/ Frame F581 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/iju9wczm8trb?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPZpjDmCiY9iAKMKL3gPg4o2QAqblvaBprZWcp8kP8C4QASDiw8g8YJWCgICgB8gBCakCY01OGwTUsT6oAwGqBOMBT9CHxCQcujokdsEHIEfqpu3FArGj1-_JiJ8kdcqBSYBigUuI-rPDB76z4kYG6blZ9Y_exkrcaV_5HCNVXdzwApb_EA9GVIn--UawT2qdO1MGxjfnxJEsBWwtap1U4PQHjOsoTKcav-Zxm8p18MqTy9VF9ignadv1LG-sFCIMu1bAm2kGGdHsUrWhgn1JkE1DS0FF4vq0iXdeKVPS5guoSQ5ZBBJcfrozi-FYRf6QL1ib2J_6sRa3Bq4I-9EruLxjLHf1qzAXYiKTn7oXZUbDJwyT6qGX885mVRAur05ni2Ww3o3ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT%26sig%3DAOD64_2tEiSxO5Tyh5h8n4zCBfWnNeCZww%26client%3Dca-pub-3880661451400141%26dbm_c%3DAKAmf-BbPB14GTqjfUCmEjrMd-ZPRkpv8xdPUGg1OjyWoJnA4jjVt856t9LdeaFLLKklRwHtnfopawsrD4weIZe84ebbYZkIv1BBDRpzuZAxs7LoRHUl2YTojwIZ1aApNJnYzkS-pvsitWo0nUAveolEjqL-0Gm7T7PrYgeB3vd2aMudi9_TdGc%26cry%3D1%26dbm_d%3DAKAmf-BOb8pLG41W3sAzOwnR8yWbbc8nZO-Du4FEFpMoVkdwtjOGqnsLK5_FNgDoNHk-ZAtjhqeVWwMsKB09b5s9op1gTwt-byeOvsIskLS3NjjCQrZ8q7OTgqPeP4TdFQqO7hhTGk-hvWwsF3kl1gLkl17Gil6XAIQb61sUShyq-OIA7MBKqC9iTL8F3BC4P0cBs6AYKI4H6DO3O0dc4akgh_wVwz6RKuOiUBcmyV89bDovDAjNeN9hMYriCzYUBVHrPHpxAniIYuADE3E0q6dpIDBKD3mQOtt60Ss8L0GefM3hI6_ADq_v4Nx4UZ9uh97YfXSaZMoW7CftN5uLEMbDOVIuPweyrtWSMPdMMeoCZqn_I77Q5rTbjxmXpStgIXWVoIYUz3l70AXyAxwEJk01o3RYfIhKXMHduOpTUWpgkoCNUpb7p4POXb6RuH3aARJxIIDWi7ke1VQbCPNEN2FutYS_mBhArde0XMXW07-FDD1KEGIBCos5hD5fi-putHju_xFfTbwoOPFfICtB00RKlnKI-PppWfJ6s9xYNQEa-Z9rzGkD9G6f1rehFPDN3wvCqHf3PzXLI77sHRiZac6Q6CxaNSKF7w%26adurl%3D
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
3117ad5de3ea6721f0bf8d52b3cf517ad5d3a1f6cb73c139efc341a256f4de94

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4112
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame F8B4 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
117082
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Dec 2022 16:52:05 GMT
expires
Tue, 19 Dec 2023 16:52:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame F8B4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 15:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35230
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Dec 2023 15:36:17 GMT
request.php
hal900022.redintelligence.net/ Frame C0E1 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=1051820b23&subid=&uid=4abdfa0f8b68386f&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPR6t33mrTJhGlSmLhjWoZQ%26exch_seat%3D20035004448%26mt_aid%3D7522459496293314414%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_cid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%2526client%253Dca-pub-3880661451400141%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8577101538429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/s2gk7r78n0fa?subid=&gdpr=1&gdpr_consent=li&rnd=7522459496293314414&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPR6t33mrTJhGlSmLhjWoZQ%26exch_seat%3D20035004448%26mt_aid%3D7522459496293314414%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_cid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%2526client%253Dca-pub-3880661451400141%2526adurl%253D%26redirect%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
6a002b933231a85e9ee53313408dc9d34d71f6eaa8d79d657d848df3c13cba11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
47327900005071000951403012180022
Connection
close
Content-Length
1161
Expires
Wed, 21 Dec 2022 01:23:27 +0100
request.php
hal90007.redintelligence.net/ Frame F581
Redirect Chain
  • https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPZpjDmCiY9iAKMKL3gPg4o2QAqblvaBprZWcp8kP8C4QASDiw8g8YJWCgICgB8gBCakCY01OGwTUsT6oAwGqBOMBT9CHxCQcujokdsEHIEfqpu3FArGj1-_JiJ8kdcqBSYBigUuI-rPDB76z4kYG6blZ9Y_exkrcaV_5HCNVXdzwApb_EA9GVIn--UawT2qdO1MGxjfnxJEsBWwtap1U4PQHjOsoTKcav-Zxm8p18MqTy9VF9ignadv1LG-sFCIMu1bAm2kGGdHsUrWhgn1JkE1DS0FF4vq0iXdeKVPS5guoSQ5ZBBJcfrozi-FYRf6QL1ib2J_6sRa3Bq4I-9EruLxjLHf1qzAXYiKTn7oXZUbDJwyT6qGX885mVRAur05ni2Ww3o3ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT%26sig%3DAOD64_2tEiSxO5Tyh5h8n4zCBfWnNeCZww%26client%3Dca-pub-3880661451400141%26dbm_c%3DAKAmf-BbPB14GTqjfUCmEjrMd-ZPRkpv8xdPUGg1OjyWoJnA4jjVt856t9LdeaFLLKklRwHtnfopawsrD4weIZe84ebbYZkIv1BBDRpzuZAxs7LoRHUl2YTojwIZ1aApNJnYzkS-pvsitWo0nUAveolEjqL-0Gm7T7PrYgeB3vd2aMudi9_TdGc%26cry%3D1%26dbm_d%3DAKAmf-BOb8pLG41W3sAzOwnR8yWbbc8nZO-Du4FEFpMoVkdwtjOGqnsLK5_FNgDoNHk-ZAtjhqeVWwMsKB09b5s9op1gTwt-byeOvsIskLS3NjjCQrZ8q7OTgqPeP4TdFQqO7hhTGk-hvWwsF3kl1gLkl17Gil6XAIQb61sUShyq-OIA7MBKqC9iTL8F3BC4P0cBs6AYKI4H6DO3O0dc4akgh_wVwz6RKuOiUBcmyV89bDovDAjNeN9hMYriCzYUBVHrPHpxAniIYuADE3E0q6dpIDBKD3mQOtt60Ss8L0GefM3hI6_ADq_v4Nx4UZ9uh97YfXSaZMoW7CftN5uLEMbDOVIuPweyrtWSMPdMMeoCZqn_I77Q5rTbjxmXpStgIXWVoIYUz3l70AXyAxwEJk01o3RYfIhKXMHduOpTUWpgkoCNUpb7p4POXb6RuH3aARJxIIDWi7ke1VQbCPNEN2FutYS_mBhArde0XMXW07-FDD1KEGIBCos5hD5fi-putHju_xFfTbwoOPFfICtB00RKlnKI-PppWfJ6s9xYNQEa-Z9rzGkD9G6f1rehFPDN3wvCqHf3PzXLI77sHRiZac6Q6CxaNSKF7w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.carousell.com.hk%2F&ancestorOrigins=https%3A%2F%2Fwww.carousell.com.hk&random=2665032489694&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
3aec5a118d5ba800fbf161c0cfcc7f9966be49774a3599549f6b8672672efd5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
90334400005085904444554012180007
Connection
close
Content-Length
1304
Expires
Wed, 21 Dec 2022 01:23:27 +0100

Redirect headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:27 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPZpjDmCiY9iAKMKL3gPg4o2QAqblvaBprZWcp8kP8C4QASDiw8g8YJWCgICgB8gBCakCY01OGwTUsT6oAwGqBOMBT9CHxCQcujokdsEHIEfqpu3FArGj1-_JiJ8kdcqBSYBigUuI-rPDB76z4kYG6blZ9Y_exkrcaV_5HCNVXdzwApb_EA9GVIn--UawT2qdO1MGxjfnxJEsBWwtap1U4PQHjOsoTKcav-Zxm8p18MqTy9VF9ignadv1LG-sFCIMu1bAm2kGGdHsUrWhgn1JkE1DS0FF4vq0iXdeKVPS5guoSQ5ZBBJcfrozi-FYRf6QL1ib2J_6sRa3Bq4I-9EruLxjLHf1qzAXYiKTn7oXZUbDJwyT6qGX885mVRAur05ni2Ww3o3ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT%26sig%3DAOD64_2tEiSxO5Tyh5h8n4zCBfWnNeCZww%26client%3Dca-pub-3880661451400141%26dbm_c%3DAKAmf-BbPB14GTqjfUCmEjrMd-ZPRkpv8xdPUGg1OjyWoJnA4jjVt856t9LdeaFLLKklRwHtnfopawsrD4weIZe84ebbYZkIv1BBDRpzuZAxs7LoRHUl2YTojwIZ1aApNJnYzkS-pvsitWo0nUAveolEjqL-0Gm7T7PrYgeB3vd2aMudi9_TdGc%26cry%3D1%26dbm_d%3DAKAmf-BOb8pLG41W3sAzOwnR8yWbbc8nZO-Du4FEFpMoVkdwtjOGqnsLK5_FNgDoNHk-ZAtjhqeVWwMsKB09b5s9op1gTwt-byeOvsIskLS3NjjCQrZ8q7OTgqPeP4TdFQqO7hhTGk-hvWwsF3kl1gLkl17Gil6XAIQb61sUShyq-OIA7MBKqC9iTL8F3BC4P0cBs6AYKI4H6DO3O0dc4akgh_wVwz6RKuOiUBcmyV89bDovDAjNeN9hMYriCzYUBVHrPHpxAniIYuADE3E0q6dpIDBKD3mQOtt60Ss8L0GefM3hI6_ADq_v4Nx4UZ9uh97YfXSaZMoW7CftN5uLEMbDOVIuPweyrtWSMPdMMeoCZqn_I77Q5rTbjxmXpStgIXWVoIYUz3l70AXyAxwEJk01o3RYfIhKXMHduOpTUWpgkoCNUpb7p4POXb6RuH3aARJxIIDWi7ke1VQbCPNEN2FutYS_mBhArde0XMXW07-FDD1KEGIBCos5hD5fi-putHju_xFfTbwoOPFfICtB00RKlnKI-PppWfJ6s9xYNQEa-Z9rzGkD9G6f1rehFPDN3wvCqHf3PzXLI77sHRiZac6Q6CxaNSKF7w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.carousell.com.hk%2F&ancestorOrigins=https%3A%2F%2Fwww.carousell.com.hk&random=2665032489694&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Wed, 21 Dec 2022 01:23:27 +0100
gen_204
pagead2.googlesyndication.com/pagead/ Frame F8B4 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BFaVcD2CiY4mJCdCTjuwPkeWQoAMAAAAAOAHgBAI&bg=!iIuli8_NAAYgquz3AKo7ACkAdvg8WqXqB5F2c-ncFjpK2C03DS-i5iTPm_1djAWZ_0gaP_m2UOzPZwIAAABYUgAAAAJoAQeZA0PsSWd7g3_i33uHaxoUVLUIPsvIiMPPh7iZUq6y66ErPyprLAebltHGI_0Uxgms-A11d0ZGo9Mfo_YAdV_QR0QDq924EE--AsLxg1olU5HT7SoMh3ZbARYO-jtUJa-at2bSJC-89EU-6CIOjan6fOG0SYJUcRgtLBhscQ8PLF_cAPr_1bcffdYOtJ80V1eUCsumCG7CmGylFxDdyb3tWtsumI7K1B-MKPpnCchtg1Mu4gEuE3oQOraQSmqF-_x4z60E1nehHieDeyAGq-xMLJXWsdCDwKpOLWulOMuyt1Uo4ZxAG8iIx_fMQSEmXueU2zOLvG7N1x-PM6s713C2qCdjs6hJMZji_4YexfSvYeHjQZ0i1HSpo4IYPwgkcVlSslOk2pAZG_OqOtOmgxQbX7_g7RYpfwgpFqZgcp-wHcPNb2cXq_6M6rtXdOx-OFTDvw_YFTTRVQpqbAsPECloBtdy0Wa7DuGd7ESlPlgr-RU5jTcSVfxMgskPr3daNRqNB5LLj6V1DFcSnjfZ8-UHx6LfJ4aJJ9ZDWAXsb-p9mybub20Uk3HO-b2K35UW6Fyre40P7pnCvrJWAIDlXotx4u6hA5lEBJwpbtZ4qHHIiwtshJrJPlfn4KilbXrx0h67MhAqOyxRhstMaJ7zIRDjwsu74HwSqruOgbAv-rgjWxPbJJ3k-Z4pHD1jLezeP-4kQeWm0GdCcRae7ObCtUqrz1NssuDhMpQF5xY2LCLhd2AJmnLxNn3qU3gHpSmuk8dL1c1-xe2dTAEdP8yn_rtdAZQjVT1MOo2BeMfQVIMCJi-MQC5XexAjFwtepa38bjmkd3K262CiceXv_9O8w6fK_bjPXnlJt1sB04niBFJkIJlyH6C0a8mhj5RmjFBOpwyRuy7tSsBn9Ro7KHI2xgcxSkg2uzT6rEwQhj2knmEKboAEX19ur0lEYptex-OLfFi3npWRVpJlIMgawPFGADvcK64b0X5Yo2BqWXK8-AuaZuDfg3QGp1Xu9pRWJ1RlNYmi052ukEF0ov3xOIj_POdM3adaiVbJ1ajtZKtTEGduLo0hRq4phF8_wTnjo-6W1ZWTVS1gltylmuaA6DGI5yzG6wt90SDZ
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view.aspx
pb.media01.eu/ Frame BA97
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=47327900005071000951403012180022&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47327900005071000951403012180022&actionid=981741&produktid=&dt_url=
0
178 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47327900005071000951403012180022&actionid=981741&produktid=&dt_url=
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=1051820b23&subid=&uid=4abdfa0f8b68386f&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPR6t33mrTJhGlSmLhjWoZQ%26exch_seat%3D20035004448%26mt_aid%3D7522459496293314414%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_cid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%2526client%253Dca-pub-3880661451400141%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8577101538429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 21 Dec 2022 01:23:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 21 Dec 2022 02:23:27 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Wed, 21 Dec 2022 01:23:27 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=47327900005071000951403012180022&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
D972DA18:957C_91EFC182:01BB_63A2600F_179FD0B:2BF7
/
adv.office-partner.de/ Frame 107B 		930 B
931 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=1051820b23&subid=&uid=4abdfa0f8b68386f&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPR6t33mrTJhGlSmLhjWoZQ%26exch_seat%3D20035004448%26mt_aid%3D7522459496293314414%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_cid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%2526client%253Dca-pub-3880661451400141%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8577101538429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Wed, 21 Dec 2022 01:23:27 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Wed, 28 Dec 2022 01:23:27 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
atvi
htlp
futalis.de/ Frame 0029
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=47327900005071000951403012180022&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1889065040
350 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1889065040
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=1051820b23&subid=&uid=4abdfa0f8b68386f&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPR6t33mrTJhGlSmLhjWoZQ%26exch_seat%3D20035004448%26mt_aid%3D7522459496293314414%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_cid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%2526client%253Dca-pub-3880661451400141%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8577101538429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.22.42 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-3.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Wed, 21 Dec 2022 01:23:27 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1889065040
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
link.html
track.webgains.com/ Frame C0E1 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=47327900005071000951403012180022&nw=1
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.151.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
528cc9da1c47b7f1a60c825d01e4726e32d5b4d03db53232a8a9554da9666a5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
last-modified
Wed, 21 Dec 2022 01:23:27 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Dec 2022 01:24:27 GMT
request_content.php
hal900022.redintelligence.net/ Frame 3A6B 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request.php?zone=s2gk7r78n0fa&nw=20&renderingType=javascript&namespace=1051820b23&subid=&uid=4abdfa0f8b68386f&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DPR6t33mrTJhGlSmLhjWoZQ%26exch_seat%3D20035004448%26mt_aid%3D7522459496293314414%26mt_id%3D6622335%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_cid%3Dc18163a2-600f-4001-8f9c-eaef7f711a55%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC3NFLDmCiY67AKbKKjuwPhc-g-AzPh46bXMCG2YLGAsCNtwEQASAAYJWCgICgB4IBF2NhLXB1Yi0zODgwNjYxNDUxNDAwMTQxyAEJ4AIAqAMBqgT3AU_QsICNhRxPU52zcc_96WLBuLGDiFvSurOKwisUNF9M12pIXFYmaKulFIs_g2SLOL9vp3a1aMivjVv6ibC3mdNQlTqSL1a2Ju7QR5AIn6fGxtr3lXwxLQSWfc4ruZpRy-hPx3oCQ97qsgFBdGqSc0gnCgRKoWF0m314PjZM7uCNnNHVmVzaaU9WvlmAMqUpcwojhnC6qI9hRWwxdYEIVasQuhw--qUNDBI2uJRKbPKFs2vNXxya2-cU1junVe9X3w-qLNzmutcC5PXg9_w-YdrAn7NiYFyFNz94vrMhT01LfpKFw_y89f9ePNRpeOu8YXjXEIk93xHgBAGABoznzbbVuJuN0gGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_2fRXY0ERBEufrNIa8O9Ey2JXukIw%2526client%253Dca-pub-3880661451400141%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=8577101538429&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
cbc012fb0c0fa25b73c82446a22d582edd48782b0f97d852b70d211f29cb83a6

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2202
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Dec 2022 01:23:27 GMT
Expires
Wed, 21 Dec 2022 01:23:27 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame C0E1
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47327900005071000951403012180022
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=47327900005071000951403012180022
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:26:42 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
D972DA18:959E_91EFC182:01BB_63A2600F_179DEFA:2BF9
X-IPLB-Instance
40027
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
cshow.php
www.awin1.com/ Frame C0E1 		43 B
705 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=47327900005071000951403012180022&pv=1
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.24.12.207 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-12-207.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:27 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
truncated
/ Frame C0E1 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
25ec986d54fac97b84a89de86fa9679ef153b1a20566f20ee4827a1a9d509331

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/ Frame C0E1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/postback?oz_pl=1&pp=pub-3880661451400141&sr=4&ci=619621&ui=cb6cf9d6-0000-0000-0000-000000000000&ti=7522459496293314414&si=781327868&cr=6622335&ai=216536&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130&r2=&r3=&c1=4562306&r1=2001%3A1b60%3A2%3A%3A&ap=&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&de=43003&dm=970x250&ac=651871&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130&ui=cb6cf9d6-0000-0000-0000-000000000000&ap=&ti=7522459496293314414&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&pp=pub-3880661451400141&sr=4&de=43003&si=781327868&dm=970x250&ac=651871&cr=6622335&ai=216536&c1=4562306&r1=2001:1b60:2::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Dec 2022 01:23:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
main.js
s.update.mediamathtag.com/2/2.87.1/ Frame C0E1 		171 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/main.js
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130&ui=cb6cf9d6-0000-0000-0000-000000000000&ap=&ti=7522459496293314414&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&pp=pub-3880661451400141&sr=4&de=43003&si=781327868&dm=970x250&ac=651871&cr=6622335&ai=216536&c1=4562306&r1=2001:1b60:2::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
br
Accept-Ch
Viewport-Width, Viewport-Height, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary
Origin, Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Cache-Control
public, no-transform, immutable, max-age=999999999
Timing-Allow-Origin
*
Content-Length
54838
Expires
Fri, 28 Aug 2054 17:27:11 GMT
css
fonts.googleapis.com/ Frame 3A6B 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Dec 2022 01:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 00:02:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Dec 2022 01:23:27 GMT
/
hal9000.redintelligence.net/scale/ Frame 3A6B 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
14d06dbdb68c4b7f406492e8bf5f5f7f10f384e9025b9b8e1ec93bf216ee836f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3A6B 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
319d26e2af6601102956ac6a0e669587a08d312523727096d2538597d0458b46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
57936
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3A6B 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
6052d2b170e393d4299e16293078141b527340737f53f8814a84c776d7ad82f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
47354
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 3A6B 		59 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=240&height=150&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
6392b9245ca90e7a737483a2ef7dca656a435699a1dbea2f12a54956b9d40ba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
59769
Vary
Accept-Encoding
Content-Type
image/png
/
adv.office-partner.de/ Frame 983F 		930 B
930 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPZpjDmCiY9iAKMKL3gPg4o2QAqblvaBprZWcp8kP8C4QASDiw8g8YJWCgICgB8gBCakCY01OGwTUsT6oAwGqBOMBT9CHxCQcujokdsEHIEfqpu3FArGj1-_JiJ8kdcqBSYBigUuI-rPDB76z4kYG6blZ9Y_exkrcaV_5HCNVXdzwApb_EA9GVIn--UawT2qdO1MGxjfnxJEsBWwtap1U4PQHjOsoTKcav-Zxm8p18MqTy9VF9ignadv1LG-sFCIMu1bAm2kGGdHsUrWhgn1JkE1DS0FF4vq0iXdeKVPS5guoSQ5ZBBJcfrozi-FYRf6QL1ib2J_6sRa3Bq4I-9EruLxjLHf1qzAXYiKTn7oXZUbDJwyT6qGX885mVRAur05ni2Ww3o3ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT%26sig%3DAOD64_2tEiSxO5Tyh5h8n4zCBfWnNeCZww%26client%3Dca-pub-3880661451400141%26dbm_c%3DAKAmf-BbPB14GTqjfUCmEjrMd-ZPRkpv8xdPUGg1OjyWoJnA4jjVt856t9LdeaFLLKklRwHtnfopawsrD4weIZe84ebbYZkIv1BBDRpzuZAxs7LoRHUl2YTojwIZ1aApNJnYzkS-pvsitWo0nUAveolEjqL-0Gm7T7PrYgeB3vd2aMudi9_TdGc%26cry%3D1%26dbm_d%3DAKAmf-BOb8pLG41W3sAzOwnR8yWbbc8nZO-Du4FEFpMoVkdwtjOGqnsLK5_FNgDoNHk-ZAtjhqeVWwMsKB09b5s9op1gTwt-byeOvsIskLS3NjjCQrZ8q7OTgqPeP4TdFQqO7hhTGk-hvWwsF3kl1gLkl17Gil6XAIQb61sUShyq-OIA7MBKqC9iTL8F3BC4P0cBs6AYKI4H6DO3O0dc4akgh_wVwz6RKuOiUBcmyV89bDovDAjNeN9hMYriCzYUBVHrPHpxAniIYuADE3E0q6dpIDBKD3mQOtt60Ss8L0GefM3hI6_ADq_v4Nx4UZ9uh97YfXSaZMoW7CftN5uLEMbDOVIuPweyrtWSMPdMMeoCZqn_I77Q5rTbjxmXpStgIXWVoIYUz3l70AXyAxwEJk01o3RYfIhKXMHduOpTUWpgkoCNUpb7p4POXb6RuH3aARJxIIDWi7ke1VQbCPNEN2FutYS_mBhArde0XMXW07-FDD1KEGIBCos5hD5fi-putHju_xFfTbwoOPFfICtB00RKlnKI-PppWfJ6s9xYNQEa-Z9rzGkD9G6f1rehFPDN3wvCqHf3PzXLI77sHRiZac6Q6CxaNSKF7w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.carousell.com.hk%2F&ancestorOrigins=https%3A%2F%2Fwww.carousell.com.hk&random=2665032489694&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:401::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn-engine /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Wed, 21 Dec 2022 01:23:27 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Wed, 28 Dec 2022 01:23:27 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn-engine
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
atvi
view.aspx
pb.media01.eu/ Frame AC47
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=90334400005085904444554012180007&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90334400005085904444554012180007&actionid=981741&produktid=&dt_url=
0
605 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90334400005085904444554012180007&actionid=981741&produktid=&dt_url=
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPZpjDmCiY9iAKMKL3gPg4o2QAqblvaBprZWcp8kP8C4QASDiw8g8YJWCgICgB8gBCakCY01OGwTUsT6oAwGqBOMBT9CHxCQcujokdsEHIEfqpu3FArGj1-_JiJ8kdcqBSYBigUuI-rPDB76z4kYG6blZ9Y_exkrcaV_5HCNVXdzwApb_EA9GVIn--UawT2qdO1MGxjfnxJEsBWwtap1U4PQHjOsoTKcav-Zxm8p18MqTy9VF9ignadv1LG-sFCIMu1bAm2kGGdHsUrWhgn1JkE1DS0FF4vq0iXdeKVPS5guoSQ5ZBBJcfrozi-FYRf6QL1ib2J_6sRa3Bq4I-9EruLxjLHf1qzAXYiKTn7oXZUbDJwyT6qGX885mVRAur05ni2Ww3o3ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT%26sig%3DAOD64_2tEiSxO5Tyh5h8n4zCBfWnNeCZww%26client%3Dca-pub-3880661451400141%26dbm_c%3DAKAmf-BbPB14GTqjfUCmEjrMd-ZPRkpv8xdPUGg1OjyWoJnA4jjVt856t9LdeaFLLKklRwHtnfopawsrD4weIZe84ebbYZkIv1BBDRpzuZAxs7LoRHUl2YTojwIZ1aApNJnYzkS-pvsitWo0nUAveolEjqL-0Gm7T7PrYgeB3vd2aMudi9_TdGc%26cry%3D1%26dbm_d%3DAKAmf-BOb8pLG41W3sAzOwnR8yWbbc8nZO-Du4FEFpMoVkdwtjOGqnsLK5_FNgDoNHk-ZAtjhqeVWwMsKB09b5s9op1gTwt-byeOvsIskLS3NjjCQrZ8q7OTgqPeP4TdFQqO7hhTGk-hvWwsF3kl1gLkl17Gil6XAIQb61sUShyq-OIA7MBKqC9iTL8F3BC4P0cBs6AYKI4H6DO3O0dc4akgh_wVwz6RKuOiUBcmyV89bDovDAjNeN9hMYriCzYUBVHrPHpxAniIYuADE3E0q6dpIDBKD3mQOtt60Ss8L0GefM3hI6_ADq_v4Nx4UZ9uh97YfXSaZMoW7CftN5uLEMbDOVIuPweyrtWSMPdMMeoCZqn_I77Q5rTbjxmXpStgIXWVoIYUz3l70AXyAxwEJk01o3RYfIhKXMHduOpTUWpgkoCNUpb7p4POXb6RuH3aARJxIIDWi7ke1VQbCPNEN2FutYS_mBhArde0XMXW07-FDD1KEGIBCos5hD5fi-putHju_xFfTbwoOPFfICtB00RKlnKI-PppWfJ6s9xYNQEa-Z9rzGkD9G6f1rehFPDN3wvCqHf3PzXLI77sHRiZac6Q6CxaNSKF7w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.carousell.com.hk%2F&ancestorOrigins=https%3A%2F%2Fwww.carousell.com.hk&random=2665032489694&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 21 Dec 2022 01:23:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Wed, 21 Dec 2022 02:23:27 GMT
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Content-Length
0
Content-Type
application/javascript
Date
Wed, 21 Dec 2022 01:23:27 GMT
Host
pv.medialead.de
Keep-Alive
timeout=20
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=90334400005085904444554012180007&actionid=981741&produktid=&dt_url=
Proxy-Host
pv.medialead.de
Server
nginx/1.17.5
Strict-Transport-Security
max-age=15768000
X-IPLB-Instance
40027
X-IPLB-Request-ID
D972DA18:9594_91EFC182:01BB_63A2600F_179FD0D:2BF7
index.html
www.parship.de/wplp/htlp/de/ Frame FE64
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2661283&v=11524&q=391598&r=296283&pref1=90334400005085904444554012180007&pv=1
  • https://trf.greatviews.de/cl?m315=c&q=nyVlHJ2acuRY7q9fsD728kyQ
  • https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
558 B
895 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPZpjDmCiY9iAKMKL3gPg4o2QAqblvaBprZWcp8kP8C4QASDiw8g8YJWCgICgB8gBCakCY01OGwTUsT6oAwGqBOMBT9CHxCQcujokdsEHIEfqpu3FArGj1-_JiJ8kdcqBSYBigUuI-rPDB76z4kYG6blZ9Y_exkrcaV_5HCNVXdzwApb_EA9GVIn--UawT2qdO1MGxjfnxJEsBWwtap1U4PQHjOsoTKcav-Zxm8p18MqTy9VF9ignadv1LG-sFCIMu1bAm2kGGdHsUrWhgn1JkE1DS0FF4vq0iXdeKVPS5guoSQ5ZBBJcfrozi-FYRf6QL1ib2J_6sRa3Bq4I-9EruLxjLHf1qzAXYiKTn7oXZUbDJwyT6qGX885mVRAur05ni2Ww3o3ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT%26sig%3DAOD64_2tEiSxO5Tyh5h8n4zCBfWnNeCZww%26client%3Dca-pub-3880661451400141%26dbm_c%3DAKAmf-BbPB14GTqjfUCmEjrMd-ZPRkpv8xdPUGg1OjyWoJnA4jjVt856t9LdeaFLLKklRwHtnfopawsrD4weIZe84ebbYZkIv1BBDRpzuZAxs7LoRHUl2YTojwIZ1aApNJnYzkS-pvsitWo0nUAveolEjqL-0Gm7T7PrYgeB3vd2aMudi9_TdGc%26cry%3D1%26dbm_d%3DAKAmf-BOb8pLG41W3sAzOwnR8yWbbc8nZO-Du4FEFpMoVkdwtjOGqnsLK5_FNgDoNHk-ZAtjhqeVWwMsKB09b5s9op1gTwt-byeOvsIskLS3NjjCQrZ8q7OTgqPeP4TdFQqO7hhTGk-hvWwsF3kl1gLkl17Gil6XAIQb61sUShyq-OIA7MBKqC9iTL8F3BC4P0cBs6AYKI4H6DO3O0dc4akgh_wVwz6RKuOiUBcmyV89bDovDAjNeN9hMYriCzYUBVHrPHpxAniIYuADE3E0q6dpIDBKD3mQOtt60Ss8L0GefM3hI6_ADq_v4Nx4UZ9uh97YfXSaZMoW7CftN5uLEMbDOVIuPweyrtWSMPdMMeoCZqn_I77Q5rTbjxmXpStgIXWVoIYUz3l70AXyAxwEJk01o3RYfIhKXMHduOpTUWpgkoCNUpb7p4POXb6RuH3aARJxIIDWi7ke1VQbCPNEN2FutYS_mBhArde0XMXW07-FDD1KEGIBCos5hD5fi-putHju_xFfTbwoOPFfICtB00RKlnKI-PppWfJ6s9xYNQEa-Z9rzGkD9G6f1rehFPDN3wvCqHf3PzXLI77sHRiZac6Q6CxaNSKF7w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.carousell.com.hk%2F&ancestorOrigins=https%3A%2F%2Fwww.carousell.com.hk&random=2665032489694&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
8
cache-control
private, no-cache, no-store, proxy-revalidate, no-transform
cdn-cache-control
max-age=30, stale-if-error=432000
cf-cache-status
HIT
cf-ray
77ccd003bc11bbec-FRA
content-encoding
gzip
content-length
325
content-type
text/html; charset=utf-8
date
Wed, 21 Dec 2022 01:23:27 GMT
last-modified
Mon, 28 Feb 2022 14:30:12 GMT
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=15552000
vary
Accept-Encoding
x-content-type-options
nosniff
x-ua-compatible
IE=edge

Redirect headers

access-control-allow-origin
*
content-type
text/html; charset=UTF-8
date
Wed, 21 Dec 2022 01:23:27 GMT
location
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
p3p
policyref="/w3c/p3p.xml", CP="DSP COR NID OUR IND COM NAV INT"
server
nginx
server-id
12
x-robots-tag
noindex, nofollow
link.html
track.webgains.com/ Frame F581 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=90334400005085904444554012180007&nw=1
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.133.151.109 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-133-151-109.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
eb50c95bcfb3022df529e554b0e4b435de89bdb74578a0f4d687297802e46b3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
last-modified
Wed, 21 Dec 2022 01:23:27 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Wed, 21 Dec 2022 01:24:27 GMT
activityi;dc_pre=CPOtorLGifwCFYT21QodwZcG7g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061
5994599.fls.doubleclick.net/ Frame 6135
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CPOtorLGifwCFYT21QodwZcG7g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061?
391 B
241 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPOtorLGifwCFYT21QodwZcG7g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061?
Requested by
Host: www.carousell.com.hk
URL: https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.180.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s33-in-f6.1e100.net
Software
cafe /
Resource Hash
524a9d9e1b1c85ad9c5ce67525a0b09db650abe595c300094bd415fce2d1b13e
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=0
content-encoding
br
content-length
218
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:23:27 GMT
expires
Wed, 21 Dec 2022 01:23:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:23:27 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CPOtorLGifwCFYT21QodwZcG7g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
request_content.php
hal90007.redintelligence.net/ Frame FDC9 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request.php?zone=iju9wczm8trb&nw=20&renderingType=javascript&namespace=4c591368de&subid=&uid=d9af5fbc48323ebb&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCPZpjDmCiY9iAKMKL3gPg4o2QAqblvaBprZWcp8kP8C4QASDiw8g8YJWCgICgB8gBCakCY01OGwTUsT6oAwGqBOMBT9CHxCQcujokdsEHIEfqpu3FArGj1-_JiJ8kdcqBSYBigUuI-rPDB76z4kYG6blZ9Y_exkrcaV_5HCNVXdzwApb_EA9GVIn--UawT2qdO1MGxjfnxJEsBWwtap1U4PQHjOsoTKcav-Zxm8p18MqTy9VF9ignadv1LG-sFCIMu1bAm2kGGdHsUrWhgn1JkE1DS0FF4vq0iXdeKVPS5guoSQ5ZBBJcfrozi-FYRf6QL1ib2J_6sRa3Bq4I-9EruLxjLHf1qzAXYiKTn7oXZUbDJwyT6qGX885mVRAur05ni2Ww3o3ABOuP_I73A-AEA5AGAaAGTYAHrK31nwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgdMgKqAjoCgECACgOYCwHICwGADAGwE4-10Q7QEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT%26sig%3DAOD64_2tEiSxO5Tyh5h8n4zCBfWnNeCZww%26client%3Dca-pub-3880661451400141%26dbm_c%3DAKAmf-BbPB14GTqjfUCmEjrMd-ZPRkpv8xdPUGg1OjyWoJnA4jjVt856t9LdeaFLLKklRwHtnfopawsrD4weIZe84ebbYZkIv1BBDRpzuZAxs7LoRHUl2YTojwIZ1aApNJnYzkS-pvsitWo0nUAveolEjqL-0Gm7T7PrYgeB3vd2aMudi9_TdGc%26cry%3D1%26dbm_d%3DAKAmf-BOb8pLG41W3sAzOwnR8yWbbc8nZO-Du4FEFpMoVkdwtjOGqnsLK5_FNgDoNHk-ZAtjhqeVWwMsKB09b5s9op1gTwt-byeOvsIskLS3NjjCQrZ8q7OTgqPeP4TdFQqO7hhTGk-hvWwsF3kl1gLkl17Gil6XAIQb61sUShyq-OIA7MBKqC9iTL8F3BC4P0cBs6AYKI4H6DO3O0dc4akgh_wVwz6RKuOiUBcmyV89bDovDAjNeN9hMYriCzYUBVHrPHpxAniIYuADE3E0q6dpIDBKD3mQOtt60Ss8L0GefM3hI6_ADq_v4Nx4UZ9uh97YfXSaZMoW7CftN5uLEMbDOVIuPweyrtWSMPdMMeoCZqn_I77Q5rTbjxmXpStgIXWVoIYUz3l70AXyAxwEJk01o3RYfIhKXMHduOpTUWpgkoCNUpb7p4POXb6RuH3aARJxIIDWi7ke1VQbCPNEN2FutYS_mBhArde0XMXW07-FDD1KEGIBCos5hD5fi-putHju_xFfTbwoOPFfICtB00RKlnKI-PppWfJ6s9xYNQEa-Z9rzGkD9G6f1rehFPDN3wvCqHf3PzXLI77sHRiZac6Q6CxaNSKF7w%26adurl%3D&documentReferer=https%3A%2F%2Fwww.carousell.com.hk%2F&ancestorOrigins=https%3A%2F%2Fwww.carousell.com.hk&random=2665032489694&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
04f73161d65fbd2bbffb11ac940e30fb7b3bca6b377147e9afc2cd8ce0de3a68

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2075
Content-Type
text/html; charset=utf-8
Date
Wed, 21 Dec 2022 01:23:27 GMT
Expires
Wed, 21 Dec 2022 01:23:27 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
native.png
ad-server.eu/wm/pb/ Frame F581
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=90334400005085904444554012180007
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=90334400005085904444554012180007
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:26:42 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx/1.17.5
Host
pv.medialead.de
X-IPLB-Request-ID
D972DA18:957C_91EFC182:01BB_63A2600F_179FD0F:2BF7
X-IPLB-Instance
40027
Content-Type
application/go
Location
https://ad-server.eu/wm/pb/native.png
Keep-Alive
timeout=20
Content-Length
0
Proxy-Host
pv.medialead.de
truncated
/ Frame F581 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47050d26ee72f07d767cd80f249a2f5197e4d96f50b97a5d900d3abc91f23753

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
experiment
www.carousell.com.hk/ds/ 		2 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.carousell.com.hk/ds/experiment?
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

csrf-token
oUVrfriq-vYqc6ZAW1YfBa3cItXCyn8B0l4c
Referer
https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
12
cf-ray
77ccd001ec9c903d-FRA
gtm.js
www.googletagmanager.com/ Frame 107B 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0113a7a06a4ed6eb09b609e616e2c87f9e152f1b061f12f102e45aed8e40c4a3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40324
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Dec 2022 01:23:27 GMT
gtm.js
www.googletagmanager.com/ Frame 983F 		102 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b345ecbc4215f2ad048ce1f7107edb6c973c70e0f4d6f5133d82a1d92c0d10e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40324
x-xss-protection
0
last-modified
Wed, 21 Dec 2022 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Dec 2022 01:23:27 GMT
viewability
hal900022.redintelligence.net/ Frame 3A6B 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/viewability?s=47327900005071000951403012180022&a=f2634f38&vb=m
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 3A6B 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900022.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:24:52 GMT
x-content-type-options
nosniff
age
539915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 3A6B 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900022.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 13:30:55 GMT
x-content-type-options
nosniff
age
301952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 13:30:55 GMT
css
fonts.googleapis.com/ Frame FDC9 		4 KB
651 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 21 Dec 2022 01:23:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 20 Dec 2022 23:56:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 21 Dec 2022 01:23:27 GMT
/
hal9000.redintelligence.net/scale/ Frame FDC9 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
4b45d3f8613e74366ebc2bcdbdf664173057eab11deca29e6e4711c97b762fe1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12113
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame FDC9 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
f96eee64e6089d31455cbb26a8222e4e5220eb52ef8c53be291027fcebab40fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
11597
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame FDC9 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=100&height=50&url=https://cdn.contentspread.net/24i/advertiser/51649/creativesup/PS_Herbstkampagne2019_Inga1_OnlineMarketing_Display_Yahoo_1200x627.jpg
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
136.243.149.243 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.243.149.243.136.clients.your-server.de
Software
Apache /
Resource Hash
e1b4343ccade4743a4d78ac6bb6a0d36e1973c65d465d9637d67012a93f81c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
5322
Vary
Accept-Encoding
Content-Type
image/png
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/ Frame C0E1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/postback?oz_pl=1&pp=pub-3880661451400141&sr=4&ci=619621&ui=cb6cf9d6-0000-0000-0000-000000000000&ti=7522459496293314414&si=781327868&cr=6622335&ai=216536&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130&r2=&r3=&c1=4562306&r1=2001%3A1b60%3A2%3A%3A&ap=&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&de=43003&dm=970x250&ac=651871&_x=1
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=https%3A//www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130&ui=cb6cf9d6-0000-0000-0000-000000000000&ap=&ti=7522459496293314414&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&pp=pub-3880661451400141&sr=4&de=43003&si=781327868&dm=970x250&ac=651871&cr=6622335&ai=216536&c1=4562306&r1=2001:1b60:2::&r2=&r3=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Dec 2022 01:23:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
pvClk.min.js
analytics.webgains.io/ Frame F581 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=90334400005085904444554012180007&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 08:50:10 GMT
content-encoding
gzip
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
59598
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ZBA66V1aoe6bT17y8kP5fBIyM7kGZ5Kwh8qe1Z32WSZE2oSAHrEZSw==
1x1.png
cdn.track.production.webgains.team/7121/ Frame F581 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1671586107&Signature=dY0biwlzmr3ZFMYWRrtsev~wQIJ2BYolQcTFdNGIIr1vt~6Gdy9ERhxqzba3rxAVJiTP1oOIuMSpd3Bx4ysN8OiYr0RawP~Zwad6YgPalX2T7Giy0LHMWBCIczNdxEOJfQS-yYFYIAkRjuiH2x0HKYSeicuPS6~FPEYN0pYYfCPKE1U8~Tt-iO1EGysnHT~iCzdmPCjxwkSCtGvRKwquZ4uDLYh8d1HjXhkvFCZQOFNyL4MbOfK0lpfmuotIOFNZxhl4o4oGkNynNROeLTdteumLUN2TEmWcxVMqNZqD~uInYPZFn9v0lZplGUswA9pMno~4QWgY7z6CxB1zIHIm4g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 20 Dec 2022 06:06:04 GMT
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
69444
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
eabEaLa5-vPVtBV7U6g8ppUa_wLWB35MCs49x4zQGqbEvLebUWnxOg==
ts.js
cdn.retailads.net/ Frame 0029 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1889065040
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
last-modified
Fri, 21 Jan 2022 14:35:51 GMT
server
Apache
etag
"14aa-5d6188919baaa"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5290
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=1978005561745261&bg=!dXaldjLNAAYgquz3AKo7ACkAdvg8WlBvvnQIJ32K9mS3M2DXt8xMmrtHvMZ942GP2yLwcy_4gyQuPgIAAACXUgAAAANoAQeZAuLjZhcN3PRCmtyq5KF6mpK_gg976B37WHv7jHJvzP3DxCwitmFKDeRMp9J4i9teRc7zdWz-_wT4As8xuWhWv2av3sgYKvlNeH0CUnVrr-cE3UG628yHaBmZHAqVIO2AX4hfQtByCtEaIf4nFc2lPWsXj6KJuDuuCbCCOWv-25Y-vZMlOjdZxnxlIny0Fu_yKAj9CvO88JdEuI4Vf3W51F3V6Nv2oPJN6GR-UGQ3iF4CwdAb16pyju4YoeWgqomZFPKvDJ8dM36LKefn3uex-lUF-m-Z8Qe9bFHtc9xo_a3CZ5YRgqhR6cmJM79LdxgJmdF3lQ9lataLIoHI-tL0Uqht3Ev5I22tR3jzlFfTUBqWTi9fAmfJ4gO-eBGxHHucKEvF5CFhC3bJ0Yr2vyr6zgjnJ345ZUQY_3XHNUJrhp2_kC9ywrsvlD8mA2co8mOUZo18N2J1_Wj087Fos1bSPocS9SuWo6i_t48EpY8eqDPng6tz0TXk7L1_15j1ZZNZhvvfJ3EtG3jT1ATVl_EfD_RCc0uFDyfnasDCzyZDTvq-xTE2JK9e3q2y-r2_FUESnEF2mBPTK324e_a93gTZyT0fvzSqHCmzaKixVvqhbG-EPfHRKbl_Vc_UUYt4Ctk59_g0d-nbVJpLEU21Z1_Vh2oDGWGChy-o-K8KcM3ZoDFBxR4zvzhXFjBThx8cdFSO8HycKDu6qspwOFgO0C1HD5H_9E6sdvpOfgezDPtI_ZS-FUxrQsglQgxeV6ZNVyvujM2_PSJFHHTF8NmzWQjjQNqQxLR-29hpDA9ooPqOrSSFC1_ZdfaHInqNDqwK9u2A1rgdDrWtm6PNbDhSGQlD72N9wvDG4YKnDwDH7IhQYObvWk_w7z0InmVbcltdZtk8Yu6ZWb04hdzY6NVKnqyDINTw2_o-gLfUufIPdKT4x75llA3e0YZVfNiBvuRH_xKP7Wg4QKT2Y7OM1VhXQRQVpXuqWqY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.carousell.com.hk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/ Frame C0E1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/postback?pp=pub-3880661451400141&sr=4&ci=619621&ui=cb6cf9d6-0000-0000-0000-000000000000&ti=7522459496293314414&si=781327868&cr=6622335&ai=216536&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130&r2=&r3=&c1=4562306&r1=2001%3A1b60%3A2%3A%3A&ap=&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&de=43003&dm=970x250&ac=651871&sid=AbVAWhIUEeMS3Ra2&oz_sc=9f563800c180e916faf73dc5&oz_df=1671585807790&oz_l=243&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Dec 2022 01:23:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
pvClk.min.js
analytics.webgains.io/ Frame C0E1 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=47327900005071000951403012180022&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-41.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 08:50:10 GMT
content-encoding
gzip
via
1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified
Fri, 09 Dec 2022 10:53:01 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
59598
etag
W/"0d5045593d14c9612a5d5576928a5209"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
fmCQbyibTeg5nzt2sPutMVdinU1inUvJusNzVnlx2O-3KAC-9SFWqQ==
1x1.png
cdn.track.production.webgains.team/7121/ Frame C0E1 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.png?Expires=1671586107&Signature=dY0biwlzmr3ZFMYWRrtsev~wQIJ2BYolQcTFdNGIIr1vt~6Gdy9ERhxqzba3rxAVJiTP1oOIuMSpd3Bx4ysN8OiYr0RawP~Zwad6YgPalX2T7Giy0LHMWBCIczNdxEOJfQS-yYFYIAkRjuiH2x0HKYSeicuPS6~FPEYN0pYYfCPKE1U8~Tt-iO1EGysnHT~iCzdmPCjxwkSCtGvRKwquZ4uDLYh8d1HjXhkvFCZQOFNyL4MbOfK0lpfmuotIOFNZxhl4o4oGkNynNROeLTdteumLUN2TEmWcxVMqNZqD~uInYPZFn9v0lZplGUswA9pMno~4QWgY7z6CxB1zIHIm4g__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2513135&wgcampaignid=99582&js=1&viewref=47327900005071000951403012180022&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-89.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 20 Dec 2022 06:06:04 GMT
via
1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
69444
etag
"4e57de0506fbdb487ffcd53b450caee1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
2808
x-amz-cf-id
ZpPDWkTuMqFCkik1NxvrQTwLCMPnPfCX6zWJ7FAtIu_wHj-O_ETyGw==
viewability
hal90007.redintelligence.net/ Frame FDC9 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/viewability?s=90334400005085904444554012180007&a=56c60595&vb=m
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame FDC9 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90007.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 14 Dec 2022 19:24:52 GMT
x-content-type-options
nosniff
age
539915
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Dec 2023 19:24:52 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame FDC9 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90007.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 17 Dec 2022 13:30:55 GMT
x-content-type-options
nosniff
age
301952
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 17 Dec 2023 13:30:55 GMT
24cc617b-a43e-43d2-b1cf-b428ff02e290
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/ Frame 4482 		185 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/24cc617b-a43e-43d2-b1cf-b428ff02e290
Requested by
Host: 64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
URL: https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
185
Content-Type
application/javascript
sync
x.bidswitch.net/ul_cb/ Frame A134
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-QYPmpNytiZJNmLZkZTD0IvQQvbGOS4i0fIRUvg&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QYPmpNytiZJNmLZkZTD0IvQQvbGOS4i0fIRUvg&expires=30
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QYPmpNytiZJNmLZkZTD0IvQQvbGOS4i0fIRUvg&expires=30
Protocol
H2
Server
52.58.171.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-171-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-QYPmpNytiZJNmLZkZTD0IvQQvbGOS4i0fIRUvg&expires=30
date
Wed, 21 Dec 2022 01:23:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame A134
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-M8GRA9ytiZJNmLZkZTD0IvQQvbGjI4xUx6bZpw&google_cm&google_hm=ay1NOEdSQTl5dGlaSk5tTFprWlREMEl2UVF2YkdqSTR4V...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M8GRA9ytiZJNmLZkZTD0IvQQvbGjI4xUx6bZpw&google_gid=CAESEGXBNnAK6ozWBLAt8ECt4n8&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M8GRA9ytiZJNmLZkZTD0IvQQvbGjI4xUx6bZpw&google_gid=CAESEGXBNnAK6ozWBLAt8ECt4n8&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1512728
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-M8GRA9ytiZJNmLZkZTD0IvQQvbGjI4xUx6bZpw&google_gid=CAESEGXBNnAK6ozWBLAt8ECt4n8&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame A134
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4525205322057580566
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4525205322057580566
Protocol
H2
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1739008
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Wed, 21 Dec 2022 01:23:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.24; 217.114.218.24; 952.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
bcd043b3-aa1e-4a79-a1c9-716c33281e66
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=4525205322057580566
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
r.casalemedia.com/ Frame A134 		43 B
870 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-3_og4NytiZJNmLZkZTD0IvQQvbEqWGb-SXjAtA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.154.237 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I8klALifAgl2gM0nnwTvWjZZVGrP0nZ8dZ%2FBNZOWOC7kVeIDitp8oT3mdM9hT2%2FaKrzJGKeQ5WOmkx6%2BWS2E%2F%2FRll71lrBQbWQH8w2wEYIsZGsY0VW5IBm1Mx61n3eM2hJKj"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
77ccd0044902bbbf-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0
match
ad.360yield.com/ul_cb/ Frame A134
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-7GcJxdytiZJNmLZkZTD0IvQQvbHTLpWz9vQ4GQ
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-7GcJxdytiZJNmLZkZTD0IvQQvbHTLpWz9vQ4GQ
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-7GcJxdytiZJNmLZkZTD0IvQQvbHTLpWz9vQ4GQ
Protocol
H2
Server
34.248.149.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-149-34.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 21 Dec 2022 01:23:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-7GcJxdytiZJNmLZkZTD0IvQQvbHTLpWz9vQ4GQ
date
Wed, 21 Dec 2022 01:23:28 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cksync.php
contextual.media.net/ Frame A134 		45 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-VDIDsNytiZJNmLZkZTD0IvQQvbFyUDg_CPaiZQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.168.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-168-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Wed, 21 Dec 2022 01:23:28 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Wed, 21 Dec 2022 01:23:28 GMT
cookie-sync
sync.outbrain.com/ Frame A134 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-ZSI8fdytiZJNmLZkZTD0IvQQvbEAmU6HYm7sjw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:28 GMT
Cache-Control
no-cache
X-TraceId
d98846d2ca9f1f1f23afe97f5e547f8f
Content-Length
0
tap.php
pixel.rubiconproject.com/ Frame A134 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-g6aRCNytiZJNmLZkZTD0IvQQvbGhXvVhX_As5w&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame A134 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-GXL1ttytiZJNmLZkZTD0IvQQvbFiBd-eDg_WQA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.159.155.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-159-155-47.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
/
rtb-csync.smartadserver.com/redir/ Frame A134 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-KDhdF9ytiZJNmLZkZTD0IvQQvbEg2b9fRSPp-A
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A134 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-Eam4rNytiZJNmLZkZTD0IvQQvbEn7o16tzuCTQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
30002
um
criteo-sync.teads.tv/ Frame A134 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-rwlEs9ytiZJNmLZkZTD0IvQQvbEtp0zKUlLdSA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

expires
Wed, 21 Dec 2022 01:23:28 GMT
pragma
no-cache
date
Wed, 21 Dec 2022 01:23:28 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame A134 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-lMR3dtytiZJNmLZkZTD0IvQQvbFr7bokKERNGQ&dongle=013b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame A134
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-pDnHSNytiZJNmLZkZTD0IvQQvbHQOioivWNVJQ
  • https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-pDnHSNytiZJNmLZkZTD0IvQQvbHQOioivWNVJQ&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-pDnHSNytiZJNmLZkZTD0IvQQvbHQOioivWNVJQ&verify=true
Protocol
H2
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-pDnHSNytiZJNmLZkZTD0IvQQvbHQOioivWNVJQ&verify=true
date
Wed, 21 Dec 2022 01:23:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
put
e1.emxdgt.com/ Frame A134 		0
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-B-eWjtytiZJNmLZkZTD0IvQQvbHZTrTwWZHJ3Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.71.169.66 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-169-66.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
content-length
0
content-type
text/html
pixel
cm.adform.net/ Frame A134 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-dgouI9ytiZJNmLZkZTD0IvQQvbFE3GVUeyZAVg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
last-modified
Wed, 11 Oct 2017 13:40:08 GMT
server
nginx
accept-ranges
bytes
etag
"59de1f38-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame A134 		49 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-xMBdidytiZJNmLZkZTD0IvQQvbFcgkmLr0LWpw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.152 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:28 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
1
content-length
49
expires
0
demconf.jpg
dpm.demdex.net/ Frame A134
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=q_r8xqRkclu5vlwzVqiKlIyvtZwGGq9e
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=q_r8xqRkclu5vlwzVqiKlIyvtZwGGq9e
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=q_r8xqRkclu5vlwzVqiKlIyvtZwGGq9e
Protocol
HTTP/1.1
Server
52.18.15.195 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-15-195.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v045-0665c523e.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
TLBFxcPXSt8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v045-0dc3ea27c.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
7W+DanLGRB4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=q_r8xqRkclu5vlwzVqiKlIyvtZwGGq9e
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame A134 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-diuuPNytiZJNmLZkZTD0IvQQvbErKwMCZTFVbg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Wed, 21 Dec 2022 01:23:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
sync
matching.ivitrack.com/ Frame A134 		42 B
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-JlHjgNytiZJNmLZkZTD0IvQQvbFP4PVyTtTCEg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:27 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame A134 		0
881 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-6Du9CdytiZJNmLZkZTD0IvQQvbFTmITr3NwDnw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.163.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-163-246.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame A134 		42 B
584 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-o9lLmtytiZJNmLZkZTD0IvQQvbHMrdxjQaVgwQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Wed, 21 Dec 2022 01:23:28 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame A134 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-4DKel9ytiZJNmLZkZTD0IvQQvbHY6H4bowm4xQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4200:d154:f19:a39d:8ac Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Wed, 21 Dec 2022 01:23:28 GMT
server
Apache-Coyote/1.1
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame A134 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-0knLf9ytiZJNmLZkZTD0IvQQvbF1WQXbfgYvWQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 21 Dec 2022 01:23:28 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame A134 		0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-6dIEUtytiZJNmLZkZTD0IvQQvbGBsCAcSxVXmQ
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
96.16.132.239 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a96-16-132-239.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 21 Dec 2022 01:23:28 GMT
x-content-type-options
nosniff
x-frame-options
DENY
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
x-xss-protection
1; mode=block
x-application-context
application
Expires
Tue, 20 Dec 2022 01:23:28 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame A134 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-W5m7WdytiZJNmLZkZTD0IvQQvbGJZrBCatUo_Q&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.251.236.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-251-236-239.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Wed, 21 Dec 2022 01:23:28 GMT
content-type
image/gif
content-length
43
access-control-allow-methods
GET, OPTIONS
access-control-request-headers
Cache-Control, Pragma
dc_pre=CPOtorLGifwCFYT21QodwZcG7g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061
adservice.google.com/ddm/fls/z/ Frame 6135 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CPOtorLGifwCFYT21QodwZcG7g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CPOtorLGifwCFYT21QodwZcG7g;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5923052162055.061?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
peg_logger.js
www.parship.de/static_cms/parship/static/peg_utils/peg_logger/ Frame FE64 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70be16b9dc61f64b3bdd8f879f8dcaaa114c52d8d22229f34605d75477555105
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 30 Nov 2022 12:34:09 GMT
x-content-type-options
nosniff
server
cloudflare
age
44722
etag
W/"63874dc1-2fc0"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
77ccd0040c8dbbec-FRA
expires
Wed, 21 Dec 2022 12:58:01 GMT
pegtracking_combined.js
www.parship.de/static_cms/parship/static/peg_utils/tracking/ Frame FE64 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
strict-transport-security
max-age=15552000
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 07:17:58 GMT
x-content-type-options
nosniff
server
cloudflare
age
64243
etag
W/"633d2fa6-77ae"
vary
Accept-Encoding
content-type
application/x-javascript
content-encoding
br
cache-control
max-age=86400
cf-ray
77ccd0040c8ebbec-FRA
expires
Wed, 21 Dec 2022 07:30:13 GMT
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/ Frame C0E1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/postback?pp=pub-3880661451400141&sr=4&ci=619621&ui=cb6cf9d6-0000-0000-0000-000000000000&ti=7522459496293314414&si=781327868&cr=6622335&ai=216536&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130&r2=&r3=&c1=4562306&r1=2001%3A1b60%3A2%3A%3A&ap=&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&de=43003&dm=970x250&ac=651871&sid=AbVAWhIUEeMS3Ra2&oz_sc=9f563800c180e916faf73dc5&oz_df=1671585808018&oz_l=4847&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Dec 2022 01:23:27 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
eum.min.js
eum.instana.io/ Frame FE64 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eum.instana.io/eum.min.js
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/peg_logger/peg_logger.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:cb16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Thu, 1 Jan 1970 00:00:01 GMT
server
cloudflare
age
9881
etag
1562908762--gzip
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=604800, stale-while-revalidate=2678400, stale-if-error=2678400
timing-allow-origin
*
cf-ray
77ccd0055adc9101-FRA
nvi
www.parship.de/nocache/ Frame FE64 		15 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.parship.de/nocache/nvi?url_path=%2Fwplp%2Fhtlp%2Fde%2Findex.html&pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID&ref=https%3A%2F%2F64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com%2F
Requested by
Host: www.parship.de
URL: https://www.parship.de/static_cms/parship/static/peg_utils/tracking/pegtracking_combined.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:b979 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.parship.de/wplp/htlp/de/index.html?pscode=01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cf-ray
77ccd0044cdfbbec-FRA
content-length
15
track
www.carousell.com.hk/ds/ 		2 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.carousell.com.hk/ds/track?
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

csrf-token
oUVrfriq-vYqc6ZAW1YfBa3cItXCyn8B0l4c
Referer
https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Dec 2022 01:23:28 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
10
cf-ray
77ccd004bec8903d-FRA
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/ Frame C0E1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/postback?pp=pub-3880661451400141&sr=4&ci=619621&ui=cb6cf9d6-0000-0000-0000-000000000000&ti=7522459496293314414&si=781327868&cr=6622335&ai=216536&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130&r2=&r3=&c1=4562306&r1=2001%3A1b60%3A2%3A%3A&ap=&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&de=43003&dm=970x250&ac=651871&sid=AbVAWhIUEeMS3Ra2&oz_sc=9f563800c180e916faf73dc5&oz_df=1671585808188&oz_l=6545&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Dec 2022 01:23:28 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
usermatch.gif
beacon.krxd.net/ Frame A134
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=1tvcODphhTnI_Ij_A-_Azu8mHrg8KhTO
0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=1tvcODphhTnI_Ij_A-_Azu8mHrg8KhTO
Protocol
H2
Server
54.78.77.101 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-77-101.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
beacon-n005-dub-prod.krxd.net
date
Wed, 21 Dec 2022 01:23:28 GMT
cache-control
private, no-cache, no-store
x-request-time
D=47 t=1671585808
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=1tvcODphhTnI_Ij_A-_Azu8mHrg8KhTO
date
Wed, 21 Dec 2022 01:23:28 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1270828
content-length
0
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/ Frame C0E1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/postback?pp=pub-3880661451400141&sr=4&ci=619621&ui=cb6cf9d6-0000-0000-0000-000000000000&ti=7522459496293314414&si=781327868&cr=6622335&ai=216536&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130&r2=&r3=&c1=4562306&r1=2001%3A1b60%3A2%3A%3A&ap=&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&de=43003&dm=970x250&ac=651871&sid=AbVAWhIUEeMS3Ra2&oz_sc=9f563800c180e916faf73dc5&oz_df=1671585808383&oz_l=423&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Dec 2022 01:23:28 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
6f8c2dad-d3f9-4620-b86c-9c902006853d
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/ Frame C0E1 		802 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/6f8c2dad-d3f9-4620-b86c-9c902006853d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10448ad99ad3f9dc0626df18f1bcf7c64e71f7d0aa66d070304d47fe350d242d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
802
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/ Frame C0E1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/postback?pp=pub-3880661451400141&sr=4&ci=619621&ui=cb6cf9d6-0000-0000-0000-000000000000&ti=7522459496293314414&si=781327868&cr=6622335&ai=216536&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130&r2=&r3=&c1=4562306&r1=2001%3A1b60%3A2%3A%3A&ap=&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&de=43003&dm=970x250&ac=651871&sid=AbVAWhIUEeMS3Ra2&oz_sc=9f563800c180e916faf73dc5&oz_df=1671585808552&oz_l=643&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Dec 2022 01:23:28 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
activeview
pagead2.googlesyndication.com/pcs/ Frame C0E1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvWyQVQtlWOGvAldybC7KdoHtq8A1R-3nxdSYZJl6whif3Fzx3TVhPLfM06udlSFDiCTDE8XnPqJ6Pgh3XHMImZuyih&sig=Cg0ArKJSzC7ZkYKhcPKTEAE&id=lidar2&mcvt=1147&p=140,315,390,1285&mtos=1147,1147,1147,1147,1147&tos=1147,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4083047336&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671585806984&rpt=574&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F581 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZdl_jjhsJPfdod9yDC4F9y1kATC_JmfCZ-K8BmLE1VTihvFMcEYeVfd8sP-sypYaApEa3bS7N5-nQZab3shk-nHXLurtvRPcETGrFZixRSXyMhtfYNSeQWuTo&sai=AMfl-YT7lzD8cbx2bDQD8DqMDQubsrxwPGafrB9dokTVX652M3Zrm0HkXblV6bli0E64aI0aXX-f4IMlR2zwnPj8wxfpa__vL9SufrpRb0j57GVHd-TUGpo8abFn0eNHiTCMmM1S6iM9mpecffZL5LKY&sig=Cg0ArKJSzApu6UmO84_LEAE&cid=CAQSTADq26N9V85Zk_Z3-1rLlB7dHZzA8_-3wVelwQFSHQSI4LUHJSrjEpFmQKz6YsRUDtD7nqPguba8rRJW3ojl8qhaqpgj0PT3B0s9DL4YASAT&id=lidar2&mcvt=1101&p=995,1136,1245,1436&mtos=0,1101,1101,1101,1101&tos=0,1101,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=0.82&if=1&app=0&itpl=20&adk=1617945776&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671585806940&rpt=711&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900022.redintelligence.net/ Frame 3A6B 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900022.redintelligence.net/viewability?s=47327900005071000951403012180022&a=f2634f38&vb=v
Requested by
Host: hal900022.redintelligence.net
URL: https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.53.104.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900022.redintelligence.net/request_content.php?s=47327900005071000951403012180022&a=3fbbb2d3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:28 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
cs
s.thebrighttag.com/ Frame A134
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=LdeBhD81TJttoiIbIcZDLDlRSeOcPLNF
35 B
268 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=LdeBhD81TJttoiIbIcZDLDlRSeOcPLNF
Protocol
H2
Server
13.58.86.229 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-58-86-229.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Dec 2022 01:23:29 GMT
x-bt-requestid
13301550-80ce-11ed-a131-0000ac170331
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=LdeBhD81TJttoiIbIcZDLDlRSeOcPLNF
date
Wed, 21 Dec 2022 01:23:28 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1018730
content-length
0
tracking-event
api.webgains.io/ Frame C0E1 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-178-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Dec 2022 01:23:29 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-178-175.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 21 Dec 2022 01:23:28 GMT
server
nginx
viewability
hal90007.redintelligence.net/ Frame FDC9 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90007.redintelligence.net/viewability?s=90334400005085904444554012180007&a=56c60595&vb=v
Requested by
Host: hal90007.redintelligence.net
URL: https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.157 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.157.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90007.redintelligence.net/request_content.php?s=90334400005085904444554012180007&a=7407c1fe
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 21 Dec 2022 01:23:28 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/ Frame C0E1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/postback?pp=pub-3880661451400141&sr=4&ci=619621&ui=cb6cf9d6-0000-0000-0000-000000000000&ti=7522459496293314414&si=781327868&cr=6622335&ai=216536&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130&r2=&r3=&c1=4562306&r1=2001%3A1b60%3A2%3A%3A&ap=&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&de=43003&dm=970x250&ac=651871&sid=AbVAWhIUEeMS3Ra2&oz_sc=9f563800c180e916faf73dc5&oz_df=1671585808823&oz_l=85&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Dec 2022 01:23:28 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
tracking-event
api.webgains.io/ Frame F581 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-178-175.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 21 Dec 2022 01:23:29 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.132.178.175 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-132-178-175.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Wed, 21 Dec 2022 01:23:28 GMT
server
nginx
postback
s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/ Frame C0E1 		0
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.update.mediamathtag.com/2/2.87.1/619621/AbVAWhIUEeMS3Ra2/postback?pp=pub-3880661451400141&sr=4&ci=619621&ui=cb6cf9d6-0000-0000-0000-000000000000&ti=7522459496293314414&si=781327868&cr=6622335&ai=216536&dt=6196211556140246740000&pd=avt&di=https%3A%2F%2Fwww.carousell.com.hk%2Fp%2Fbrand-new-ysl-coins-bag-127871130&r2=&r3=&c1=4562306&r1=2001%3A1b60%3A2%3A%3A&ap=&pv=e8cd9eb3-7151-43f1-9965-f3e25a6a6ad6&de=43003&dm=970x250&ac=651871&sid=AbVAWhIUEeMS3Ra2&oz_sc=9f563800c180e916faf73dc5&oz_df=1671585809049&oz_l=2551&cv=3
Requested by
Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.87.1/main.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Wed, 21 Dec 2022 01:23:28 GMT
Timing-Allow-Origin
*
Content-Length
0
Vary
Origin
track
www.carousell.com.hk/ds/ 		2 B
111 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.carousell.com.hk/ds/track?
Requested by
Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/5.4.0/bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:f76 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

csrf-token
oUVrfriq-vYqc6ZAW1YfBa3cItXCyn8B0l4c
Referer
https://www.carousell.com.hk/p/brand-new-ysl-coins-bag-127871130/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json

Response headers

date
Wed, 21 Dec 2022 01:23:31 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Accept-Encoding, Accept-Encoding
content-type
application/json; charset=utf-8
x-envoy-upstream-service-time
16
cf-ray
77ccd0189814903d-FRA

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Carousell (E-commerce)

115 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontentvisibilityautostatechange object| config object| initialState object| __LOADABLE_LOADED_CHUNKS__ object| dataLayer object| eventBuffer function| __initSentry__ object| Sentry object| platform function| _ boolean| hasInitialScriptFailure object| __SENTRY__ object| googletag object| default_gsi object| google object| closure_lm_951340 object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| clevertap object| branch string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| customData string| product_category_id string| listing_id string| deviceType object| criteo_q object| wizrocket object| $WZRK_WR object| $CLTP_WR object| gaplugins object| gaGlobal object| gaData object| headertag function| headertag_render object| rubicontag object| pbjs object| ggeac object| google_js_reporting_queue function| onYouTubeIframeAPIReady undefined| google_measure_js_timing object| Criteo object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl boolean| __bt_already_invoked object| __bt object| google_conversion_id object| google_custom_params object| google_remarketing_only object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| GoogleGcLKhOms object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests

76 Cookies

Domain/Path Name / Value
www.carousell.com.hk/ Name: _csrf
Value: iE29iXv5qEt7N-bkp_IViAad
.carousell.com.hk/ Name: _t
Value: a%3D-a2QqI6eS8%26t%3D1671585804280
.carousell.com.hk/ Name: _t2
Value: sgK51pvZcf
www.carousell.com.hk/ Name: siv_2
Value: 2055acb3-13c0-480c-909e-0c0352d5bad5
www.carousell.com.hk/ Name: latra
Value: 1671580800000
.carousell.com.hk/ Name: _gcl_au
Value: 1.1.1317580212.1671585806
.carousell.com.hk/ Name: _gid
Value: GA1.3.2358544.1671585806
.www.carousell.com.hk/ Name: _gaclientid
Value: 2121875430.1671585806
.www.carousell.com.hk/ Name: _gasessionid
Value: 20221221|08731412
.www.carousell.com.hk/ Name: _gahitid
Value: 01:23:26
.carousell.com.hk/ Name: _dc_gtm_UA-32231169-26
Value: 1
.carousell.com.hk/ Name: _ga_BTYMG7D1RH
Value: GS1.1.1671585806.1.0.1671585806.60.0.0
.carousell.com.hk/ Name: _ga
Value: GA1.1.2121875430.1671585806
.carousell.com.hk/ Name: WZRK_G
Value: 0a0df42c0d4949e9bb16c44213182d8a
.carousell.com.hk/ Name: WZRK_S_8R9-448-845Z
Value: %7B%22p%22%3A1%2C%22s%22%3A1671585806%2C%22t%22%3A1671585806%7D
.carousell.com.hk/ Name: _fbp
Value: fb.2.1671585806221.1035598061
.app.link/ Name: _s
Value: 7R1O9uZ8x7MFNw5Lvu%2FtmnGBTijpmmY1FnCKunIFaDL%2FBj2TavXUYT%2BTVsN%2Fh6Xz
.criteo.com/ Name: uid
Value: f8acbf8c-3efe-4488-ab21-bf23910c847b
.rubiconproject.com/ Name: khaos
Value: LBWZ130R-1X-GF6M
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EiIIociqtdarrU1ZxogGjlwOA+xFj1I9scPlNhSTbzUQ6nwN4043c2NIP+YGT66vH2rcIfStnGLXDvN1WUJ/Voc54wCEYshvdUpv8xe66gp6Q==
.carousell.com.hk/ Name: cto_bundle
Value: zffaYF8zVTJqWTVDbmphcGRWaXVyQ1lORThSamFBbW5oaVVRWjNYYnVJVVVldEFBelU5VElhamw1NGNZR1dIaHptViUyQmJnWVV4RlpmZURwRmxSQ2lxQW5tSklHWSUyRndzSFQ0TGxQNTRPSjV6eFlXJTJGRGdlbWFDZ3h4b1JOUERYUW83a1o4OWJQaXlSbEp5MmpldURmRHgwOXV1VndYZXAxYW5FNmtEcHdIeThvTGU2JTJCZyUzRA
.carousell.com.hk/ Name: __gads
Value: ID=1b74a00a37833dd6:T=1671585806:S=ALNI_MbMFwD90D5tcLsQL32xJuqSf9bGRw
.carousell.com.hk/ Name: __gpi
Value: UID=00000b959dbf4698:T=1671585806:RT=1671585806:S=ALNI_MYnXtJnT1Wm0X3rO4KEohAKMX_iVQ
.doubleclick.net/ Name: IDE
Value: AHWqTUngAZTbTScnSOFdMEWERUTxOQlJ34xhSTTbhBz6K77C5oeOc__dvZU-iDqcUEQ
.mathtag.com/ Name: uuid
Value: c18163a2-600f-4001-8f9c-eaef7f711a55
.adnxs.com/ Name: uuid2
Value: 4525205322057580566
.casalemedia.com/ Name: CMPS
Value: 5173
.casalemedia.com/ Name: CMPRO
Value: 5173
.doubleclick.net/ Name: DSID
Value: NO_DATA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%@DMh$q!@wnfH8K6pQK`!5=E<*L5?%LWe6VL31U<ez0Wwxt85Sb18>g>?8gW0FpCOsSP(hw9P-HC_#u#VA)^7<I
.casalemedia.com/ Name: CMID
Value: Y6JgD9waWPXCBnavnA02SgAA
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 6f6f3d75e7c3eb8d
.retailads.net/ Name: ppb2172
Value: 1889065040
.awin1.com/ Name: awpv14098
Value: 296283|1671585807|12469fb0-80ce-11ed-af39-22634e1a9496
.awin1.com/ Name: awpv11524
Value: 296283|1671585807|124f0420-80ce-11ed-b8a6-2239e8532efd
.awin1.com/ Name: AWSESS
Value: 391598:2661283
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1671585807794,"clickCookie":false}}
.futalis.de/ Name: raSIDb
Value: 1889065040
pb.media01.eu/ Name: DTU
Value: AABBC69E0DFB0065EF652299745EF615
trf.greatviews.de/ Name: ads_si
Value: a%3A3%3A%7Bs%3A2%3A%22si%22%3Bs%3A36%3A%221265d6be-80ce-11ed-a929-00155d255900%22%3Bs%3A3%3A%22sit%22%3Bs%3A10%3A%221671672207%22%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
trf.greatviews.de/ Name: cjcookie
Value: a%3A2%3A%7Bs%3A2%3A%22id%22%3Bs%3A38%3A%22cj1265f39c-80ce-11ed-a929-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1734657807%3B%7D
trf.greatviews.de/ Name: mcookie
Value: a%3A3%3A%7Bs%3A4%3A%22m316%22%3Bs%3A36%3A%221265d65a-80ce-11ed-a929-00155d255900%22%3Bs%3A11%3A%22click_12771%22%3Bs%3A57%3A%221671585807%25%255712300%25%251265d5ba-80ce-11ed-a929-00155d255900%22%3Bs%3A6%3A%22expire%22%3Bi%3A1687137807%3B%7D
trf.greatviews.de/ Name: ads_pu
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bs%3A1%3A%221%22%3Bs%3A6%3A%22expire%22%3Bi%3A1672190607%3B%7D
trf.greatviews.de/ Name: ads_ps
Value: a%3A2%3A%7Bs%3A4%3A%22seen%22%3Bs%3A1%3A%221%22%3Bs%3A6%3A%22expire%22%3Bi%3A0%3B%7D
.www.parship.de/ Name: __cf_bm
Value: LZu7iDRR9Xp6QuGA8XuvsqUpgQbYSiXVgK3iw9CkT9M-1671585807-0-AZPAaU3jguNykM6gCU1EQMjmgPpMWQHseg08+n99o4jANSEJPmrsYKZUt44QTeQHgNuxgIO3wJL1Tjby8iqKIXI=
.casalemedia.com/ Name: CMTS
Value: 3195
.parship.de/ Name: NVI_LC2
Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID_TS%3A1671585808
.parship.de/ Name: NVI_FC
Value: 01_100_60078_1469_0001_0001_empty_AF00ID_GV1671585807.5712300.1265d5ba-80ce-11ed-a929-00155d255900ID_TS%3A1671585808
.media.net/ Name: visitor-id
Value: 3145874088280811000V10
.media.net/ Name: data-c-ts
Value: 1671585808
.media.net/ Name: data-c
Value: k-VDIDsNytiZJNmLZkZTD0IvQQvbFyUDg_CPaiZQ~~3
.bidswitch.net/ Name: tuuid
Value: 30ad0612-5085-49a7-9e3d-7545b9e44e37
.bidswitch.net/ Name: c
Value: 1671585808
.bidswitch.net/ Name: tuuid_lu
Value: 1671585808
.yahoo.com/ Name: A3
Value: d=AQABBBBgomMCEILIJ_dR6O0ZxYXtMOdJyjkFEgEBAQGxo2OsYwAAAAAA_eMAAA&S=AQAAAmBoK6ZC-mTB5cCBSuqydmE
.360yield.com/ Name: tuuid
Value: d0f5e89b-7461-4c90-bc25-22a0468757f2
.360yield.com/ Name: tuuid_lu
Value: 1671585808
.analytics.yahoo.com/ Name: IDSYNC
Value: 18zh~28yp
.demdex.net/ Name: demdex
Value: 49866882545706792001619577181049436336
.360yield.com/ Name: um
Value: !38,Z0rq0Hoyr6z9QAEAE8tvTOfxD6PIG9fHybNZygXJk4lIDVx6vVECRsoJZ0ZRgUEHVsGMhJ1n,1679361808
.360yield.com/ Name: umeh
Value: !38,0,1733793808,-1
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2212aa4380-80ce-11ed-ba60-77d76b1b782f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2212aa4380-80ce-11ed-ba60-77d76b1b782f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2212aa4380-80ce-11ed-ba60-77d76b1b782f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2212aa4380-80ce-11ed-ba60-77d76b1b782f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-6Du9CdytiZJNmLZkZTD0IvQQvbFTmITr3NwDnw%22%2C%22version%22%3A%22criteo%22%7D
.dpm.demdex.net/ Name: dpm
Value: 49866882545706792001619577181049436336
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-o9lLmtytiZJNmLZkZTD0IvQQvbHMrdxjQaVgwQ&KRTB&23144-uid:k-o9lLmtytiZJNmLZkZTD0IvQQvbHMrdxjQaVgwQ&KRTB&23286-uid:k-o9lLmtytiZJNmLZkZTD0IvQQvbHMrdxjQaVgwQ&KRTB&23287-uid:k-o9lLmtytiZJNmLZkZTD0IvQQvbHMrdxjQaVgwQ
.pubmatic.com/ Name: PugT
Value: 1671585808
.krxd.net/ Name: _kuid_
Value: PRSTWzqV

6 Console Messages

Source Level URL
Text
javascript warning URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
javascript warning URL: https://www.googleadservices.com/pagead/conversion.js(Line 28)
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
worker error URL: blob:https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/24cc617b-a43e-43d2-b1cf-b428ff02e290
Message:
Mixed Content: The page at 'blob:https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/24cc617b-a43e-43d2-b1cf-b428ff02e290' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker error URL: blob:https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/24cc617b-a43e-43d2-b1cf-b428ff02e290
Message:
Mixed Content: The page at 'blob:https://64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com/24cc617b-a43e-43d2-b1cf-b428ff02e290' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: blob: 'unsafe-inline' 'unsafe-eval';frame-ancestors 'self' support.carousell.com
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
64f3faa3aca0ad5da9638247c63ef8fa.safeframe.googlesyndication.com
a.teads.tv
a.twiago.com
accounts.google.com
ad-delivery.net
ad-server.eu
ad.360yield.com
ad.doubleclick.net
ad.yieldlab.net
adservice.google.com
adservice.google.de
adv.office-partner.de
analytics.webgains.io
api.btloader.com
api.rlcdn.com
api.webgains.io
api2.branch.io
app.link
as-sec.casalemedia.com
beacon.krxd.net
browser.sentry-cdn.com
btloader.com
c2shb.ssp.yahoo.com
cdn.ampproject.org
cdn.branch.io
cdn.retailads.net
cdn.tercept.com
cdn.track.production.webgains.team
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
d2r1yp2w7bby2u.cloudfront.net
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
eum.instana.io
exchange.mediavine.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900022.redintelligence.net
hal90007.redintelligence.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id5-sync.com
js-sec.indexww.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
media.karousell.com
medialead.de
mug.criteo.com
mweb-cdn.karousell.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.mathtag.com
pixel.rubiconproject.com
pv.medialead.de
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
s.update.mediamathtag.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
sl3-cdn.karousell.com
sslwidget.criteo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tags.mathtag.com
tpc.googlesyndication.com
track.webgains.com
trf.greatviews.de
ups.analytics.yahoo.com
visitor.omnitagjs.com
widget.as.criteo.com
www.awin1.com
www.carousell.com.hk
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.parship.de
wzrkt.com
x.bidswitch.net
104.18.36.94
13.58.86.229
130.211.23.194
136.243.149.243
138.201.63.157
141.226.228.48
142.250.180.198
142.250.185.102
142.250.185.162
143.204.215.49
143.204.215.60
144.76.104.53
145.239.193.130
162.19.138.116
172.64.154.237
178.250.2.146
178.250.2.151
18.132.178.175
18.133.151.109
18.156.0.31
18.156.195.47
18.159.155.47
18.203.96.5
18.66.147.41
18.66.147.89
182.161.74.16
184.24.12.207
185.255.84.152
185.29.134.249
185.64.189.112
185.64.190.80
185.80.39.216
185.86.137.131
185.89.210.82
2001:4860:4802:34::36
216.58.212.162
23.35.237.56
2600:1f18:612b:4200:d154:f19:a39d:8ac
2600:9000:2057:da00:19:9934:6a80:93a1
2600:9000:206f:b000:11:f728:3040:93a1
2600:9000:2171:f600:14:2bf1:b3c0:93a1
2600:9000:223e:3a00:1e:3056:9b00:93a1
2602:803:c003:200::21
2606:4700:20::681a:346
2606:4700:20::681a:78b
2606:4700::6810:cb16
2606:4700::6812:f76
2606:4700::6813:b979
2606:4700::be5d:f653
2606:4700::be5d:f753
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200d
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4025:401::9c
2a01:4f8:d0a:2321::2
2a02:2638:1::d
2a02:2638::1c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42::729
2a0b:4d07:401::1
3.122.163.246
3.71.169.66
34.117.157.22
34.120.133.55
34.248.149.34
34.251.236.239
37.157.4.23
49.12.22.42
52.18.15.195
52.223.40.198
52.58.171.208
54.76.176.197
54.78.77.101
69.173.144.138
70.42.32.31
76.223.111.18
85.215.5.31
85.239.105.10
88.198.250.30
88.221.168.207
88.221.168.23
88.221.169.49
94.23.99.218
96.16.132.239
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
0113a7a06a4ed6eb09b609e616e2c87f9e152f1b061f12f102e45aed8e40c4a3
01aacd3ad5032a7d10e9ede82b020e6836082c8cd4dc1a9432613a4140a43c9e
024f716e254a46ebf29f00fc651ba334bea73683d4dd8c57217a47c580506b5f
04f73161d65fbd2bbffb11ac940e30fb7b3bca6b377147e9afc2cd8ce0de3a68
06f72eac9c80f72f0f036695f0ab9b0bc4458b664fda40910ec17bd8e70c3024
07e4e2ca892430bf5684617984be1149779c043496fdebf64f807b128d57fa53
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
087fa3b38029acd3f7b13a5f201aec29b76de1be9400c2351d9f553eac3f6175
0b4ad4c7e9f95aa3f37f4f71e91eb0def0f2d8f5d9936eb8739718c151268fbb
0b75e862b07ce8e50a68ca70cca0a15dd3499dd21392794875e18256dc72705f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf0e9c69a9d655d6bbe80f469b9b9a59d1ae85e4fc9bef68c0f40b46278a225
0cfc638dcb3ed36e4a8c11a37ca45deda92bd839154c08126ac5a37bb928fafa
0de5f6017da13230fc85ca899ae15413c38ea8307a527e1aa9999aaaf9ec1681
0f2906d7c2ed8480e09a0bd0994866cc71415264db831da9756418c7b76d2712
0f57d7911dbbcb2b4a12ae01085287b9050efecd95a8360276f6c15e69acd8c3
0f880ab98b5b4d0cf39ca4c70960092ce931c0daff1d70c298d8c3fde3c35285
10448ad99ad3f9dc0626df18f1bcf7c64e71f7d0aa66d070304d47fe350d242d
1077a51d11b7574513663f84234cd5ffeb8a0d1f69b2f873efbffc8f5109c417
120cd22904849ab02cd4b1e2869f32fb9e3292230dc59483e3cf6dbb63b968e7
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12fb2dfa8ddad01b61cf997aec65535297f66216e84f37b3f3154397d063a134
14d06dbdb68c4b7f406492e8bf5f5f7f10f384e9025b9b8e1ec93bf216ee836f
17456f8db64aa1850fded220ab227c27b308fa5197c09e35cdf108b91a688bcd
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19aeec44d010ebb846dc38aa2b4e83d12b158b60884481e86a6dfbfd4d9d0232
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1bfb47592fdad4e81d9c3ba431aff9b0c93bce6d2cc8ebc5c0661048be4a3bbf
1c7235e88a37c0ac666e9a8d11cd254997f4a963bc53db3678a97a8cd26beefb
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e00d2c7def7e587f1997fd9d61920dcc047ed17a7888f8d0beae38cd284a3e1
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
214472ba518448dd1909b8b92f23197d53200e6c3b0c3cbe072a948b2fb2219c
232d3fbf590a584138bb563319747dbef0c9e41db91f19ff45d41e785a5f4f98
25a6c7dbf6babd073c35574d5b14b3ae48e5249f8487a6b6120470c81931c546
25ec986d54fac97b84a89de86fa9679ef153b1a20566f20ee4827a1a9d509331
25f79a8025a3c67f7d21208a4878cfd8b254ec549c5a9c7cbc23976a3c1d3963
262785bc0d8a03b026882325ccf0a0e1a2e2ada6ed3cdcc7c86abf2b5580f281
262d3de9ff69ab2dc0614dd7bd7608b4a34e5a9a84509cde239120829e4e5500
29ad957ab410ea6a2ef3ea32f502674ccfe0863210a4ececb575b4b955ad950b
2d57ea584b19c22aef6bad554d80710e06fd81c90c14b1165d5cf95334413e8c
2d6bffcd621fef78af8c8676c25a006bb6813af12bd0aa005aeb7bd7203f8331
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1d6eaa3fbd7019b87ddb1a37aa814f1614203dc16b4fd8063818c93c6b8a36
2f8ad60d61a67a391df66a66cf0f436b4bc7365c7a34ada1285ffd506247241d
3019062b18ca4fd18405ab0b9c0ac037e71f19e8697729159b42d1008b3810dc
3117ad5de3ea6721f0bf8d52b3cf517ad5d3a1f6cb73c139efc341a256f4de94
312a8901042e770134d80045ffb474f3e242ab4d5124e4f4c7d6ac839db8fe27
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319d26e2af6601102956ac6a0e669587a08d312523727096d2538597d0458b46
325f2088f991f5739b946bf31744eb3bc524c01adde0590671c5939a3dc2c2f1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34e116ba63c8a85d481135a33eb0ef5b314fd239d7739325e8b3e952156b6960
36e62549c917eec1c290875a1a08c81c62420a16e56dba7c6e03d872b7372aac
380dc68aae1f79c129ed7cb65e47dcd984f0a5a145d59ef6d5af7a3edffb29b1
3823531671aebb38e46f0e1472f31401885bcdc24fab82cdbf585d62ca7bd03f
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a8d72934ca9ca0fd21123125762ca9d4a6b0527693ade00582bdf53f4669f37
3aec5a118d5ba800fbf161c0cfcc7f9966be49774a3599549f6b8672672efd5d
3b9bb073fcb45cf049d574400fc51319a68ae2e3eb0db5d771ab251934b94531
40d1c5232175b84519dad6f2c85ae8db21282b4e75c27ede5b186d41fadb1340
4161345049eee66e715f67a3eeb5854939968fae342649e80973f3827dd1d2ae
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45ae1d9448bfd1ef3251d46f3e59149d609697ac7d40a414c17b799476aac1a4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47050d26ee72f07d767cd80f249a2f5197e4d96f50b97a5d900d3abc91f23753
4b45d3f8613e74366ebc2bcdbdf664173057eab11deca29e6e4711c97b762fe1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5023a2729094107051479e0dd2f2478dd99e80dd3ce8d0bc294d0e9e1b35e7de
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5081c4c77d5fedd4b5bb4fd76691daf14dc35fa5a0c539e5984507a96d3ab5b1
524a9d9e1b1c85ad9c5ce67525a0b09db650abe595c300094bd415fce2d1b13e
528cc9da1c47b7f1a60c825d01e4726e32d5b4d03db53232a8a9554da9666a5e
52e79f865eac5e2adae588cc685421878f63f5d4bbe7f814eedba611d6c843db
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
59048b1bcb54f0f7bf0292fba3689cdd7b6b8b1dd5122b1e1b72615aaecb2ad0
5b3a9d311d77d8bc61e6466b03226ea7595eb087c895c24401338c21ed7e4e38
5cbca4f8a00bc085f2329559cc484ab00771755f679578a31b30c6c2312b88ea
6052d2b170e393d4299e16293078141b527340737f53f8814a84c776d7ad82f3
60ce25579493fe16f3758b7b53d7ef333d4e5431bc297879697e739952f79fdb
61822ff1ee4c1c154e32bf4649434ad1556250bb36d3af57dfbb00bc9b9388c1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6392b9245ca90e7a737483a2ef7dca656a435699a1dbea2f12a54956b9d40ba2
667df766b6af46a53f512eb0747e320357a0da0e0d5188f43c9369de2c0b8523
6757e58ca6b4e011ea9df07b404d98d4167bc855ea779a4d397f2971fa0dd1e2
687309a7f8298a5ff1b0c66b8a933c91ee5cf41a130faa540ed72d8c80832d5e
68cd7511f3c73fd571901456ded96f3de6005eedcf0a44f84f4c0eeec52d0814
6a002b933231a85e9ee53313408dc9d34d71f6eaa8d79d657d848df3c13cba11
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6b9fab8e3cf0adeaf18949e2c4cab04a3939445e65479da737cb78b3c3e80085
7074b0c63c7544707b789697def08a85619cf5651e273faf9fdc95c9c0afebda
70be16b9dc61f64b3bdd8f879f8dcaaa114c52d8d22229f34605d75477555105
730729f93fbe079457c35ef8389427350e92c430f1da0169f9c9cfb62ec243dd
7b9c74527ea434e2f1394f3d225a202d4fe9fe3db38bcd9e8127dc5ca4759f68
7e4b356ed10775a6dd80fa9ee1a0532202a92a7bafe32a25c8f14f40bf9cea94
802b5cbbd81ba3de29038b89ddbf96951c1afb279ffcd9debbc38d1c8a2dfc4f
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77
843e3eaeac8ae09be7885074476642ab31be36a18016d0701fde78b1ae9b736c
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
856785e72e16485b10ef0dd89efbccd979f0dd5edd3bc5779ed62da58ec0b85e
8997a7bbba8f87c2ad3607f38efc5285dce30a4549cea032350417992a25b48a
89edf9fee1fc73e711d53490a40628edc4875108fdae39a256103908d6b59d50
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
906fca4c18701acc18bb2df751c0711264095f2a678a85d6a60f8bf8544708ee
910d42773de429538b60f2bd714ebd734dd66dea33fcd52845228ea0daa77fe1
91e47045f2aae2d3350498753cb9113df4c55c7db9daf410ff2df3a5ff38bd93
9228412fefc589ecd8007f17d6df84ccb33b52b3c93183b7a74876c9acb6a18d
92f75b3d52eb22fd4d5af5352dc0bb43e5d0bc979f274783e7cd17884221b72e
93a16e164f3892d15051c3eeaf4947ab73691953fe0f4d25256300c6d698015e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9579da557fc242abc2cadf41dde9c84761826231c91e9acd746a2d4af9811d33
95adb0f82a37f4266f03887af6990f927c1267b4e86071cf56d5e51bbe4a7ffe
97e7bf9a988e2d532bbcd9543e3a09bd14bd633021fe28130d1f58b8f65336fb
984ff5267ed0fb5492cbdcfbdf8746979337a78deb7f7e4c1939f367beaba35a
99c97bfb86ec50068d59b003416a3c07412dc4cbf1ed41f5c78bf5cf028c1549
9c3d35404207b1fe085181b6ec820be2b5e91c5878c4116355c2b67e5f5cdbca
9c95f69a643b3790b19b636796a8d975416e0502eb4b41d7d15e2e1e21f43b89
9d8ede5b7c76535a0b0348492feba88f10c72c27b88762b956a37f167cf2ef5c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a005e6569096e1a1d224a2664864f41f35b4b5668481666dcc73c94e15679266
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a305d9e28e4d0171c610d1168df3a739b1ea6483258952ac4d8bb6e22185b58b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a818385591d327befbeb5b06dfaea9c113b7ac9537e1546d7379a3a9428e5d60
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a82e253bcae3f47de67954d157fcbbf7ed3904af886bfdac856f6b10e2e6690e
a8619d335bb3cf42aa32ad3909eec58427fc0b6c3b856e340c70eab65ee6632a
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ae0fcae300a1273f05a8e327f569451b28b86ecd37d0959e7cdff80fa986a75a
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b296ccdecda596d7159649beb53ce45d4cd003e06d36daa7455cd60bf873f1e9
b345ecbc4215f2ad048ce1f7107edb6c973c70e0f4d6f5133d82a1d92c0d10e9
b3758a7e5188ec434e27be19c84b412d008beb8a390c8e2e3b2d2675a453f1bf
b3c381ed7cdf2086919f9b5690079aa8286679b4fd512bfd87dd42be2eea24bf
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b50942ba1825f2bbd806654ed8c134b6b5e2aa68e8f6977fef393e78be2661e5
b79cffc40a67d64a8562dedab3273506b86f059140ffecfb31dfcd40c85de2b9
b860d4ddf147946b1444c753ebad976d3210b53baaa0dc982526cbf2a8a044b7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
c0bd9f1873ba91ac085002d6715dd3121072e07bc9a7038cbe8deaf8c63df706
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
c40e935b2bc1b0b1d6e745b29afe02b02e5c00844c3bc4894bb56d1c5635eb9e
c45230800c241531e18fddd28714ace36969ae2fc5f1248bc75f36a65ec2dd1c
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c5c8f601894574f67d1f3f251d0de06878a30b14849765377ae5d39adf2fc44d
c5fdb3b1a3604bb180fcecbf4bd490f8ea9e7363e1a4afb911bd662d21a4c6f9
c66274bcfe27bed915e7bc0633d78063723154d012b5f079387bf07fa35047d9
c80196cf0e91f54b3344d2552774499268d7ecb47d352097198da0401d6db93e
c8b99470967243bef5d592390c2c693bdb43e051fb12b73e2700dc1a2f7ed9fe
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cbc012fb0c0fa25b73c82446a22d582edd48782b0f97d852b70d211f29cb83a6
cdec40313a1d6ef4b65499738364ed1f2956f9a9650e090429dd6bf206bf3a21
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1ed0cdcca66a5c1c2b9a9ca63136b26e7ce277dbb71fff9ee4ac413b6eedbe0
d2889652559e117499d1e59ba3b904d52c4e6b8e2379a927f56747c04388000a
d38e44284bb9658cc5ff787c8432bdecb44c0d702c6369cd605eccc6f8cc06ed
d3a69f1c6b3b80945f66315393b52339b554fe8d4e82a3980703671cf2a41367
d50809324232d2a2892f2824ea4cd85099dc6e631aac62e670f9038bcc0d1b23
d79e199e083a1a82dd3f32be9907a8b5d6e2c2eec926cd2445bebd8e4a530255
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
dfa1ecdb69b9ee93e87159bfcd4ad2b1248a7de0d6346fd42e0b600723ae7b6b
e1b4343ccade4743a4d78ac6bb6a0d36e1973c65d465d9637d67012a93f81c0d
e1b901586d2dba4cbb94e0ebd2edc28366164be66b6c5c6ca365f2b1cbc6d309
e2e69728a3eec972528637ad27347ae5abe392a63a286288dc696a3bfe84ef44
e33629c95618288f313b1eb8acfe58ba60a75b2a3c78bf48bf3e010a6978cc13
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fa2a7135f77ffe505e5f94a11ede65bd33136db10944c9ebe15ba2213bdfd8
e609d254e19d6a99ee71ffcf3bce31a7e9ed61886a48fcfffb8827d472a2c3d6
e67f227cae68c48f2271412359f3bd69ceece78f99db2759ce9c600be896f0eb
e86f42a5a355c36f087b40105a9cbd0d7c6998d37a4c89d6b87260dcde3b863d
e8d2c4e21d45d9a10ce1f2ad1d74d24334b148f1cf1f3a19091440eb4515729f
eb50c95bcfb3022df529e554b0e4b435de89bdb74578a0f4d687297802e46b3f
ebcd43274f956ef6d5c0f690695cc56c35a3a77180c9d1b80791febe4e27f601
ed593122d83695250071b25ba8d143c4ea86c55b6f8c1f5667522f06b3c075c2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f031d0330fa0902ad02a7158a8b4aa01cefacc0f4743ab7b78f4ed517723d130
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f46595b05dbbc6fb6a8f6b66965ad44bd8f83de5304073189fc26114faa5b7ef
f4981a8a8824bf46461515a00b8909a3207f489625d39ada0d147cc903c91516
f4a158eeb5dc7db4add5c7f06477ecd06bc77c8b505492109ea60598ce8d05eb
f4fc9cc1658caa314918ae5cb876df5fd893fa78bef4d192d08f9f9bbb4c1fa8
f7801f6db6a53f2b27d1560d374a408e70201b5c09b58b6e9098a8512cd6380c
f96eee64e6089d31455cbb26a8222e4e5220eb52ef8c53be291027fcebab40fd
fa0aafbd3c71c9a0f1cdc69c9c1a6f53d7c067462aedc91f60bfc30c92abd227
fb3ca98cfecd7a2824a4a85769b570933d03fa159b378718de5869b28460ef72
fbe8c4a4270e631a97fd64b304b9926834c9b89971573ec2c119c3e05925fc73
fc31b1328d6c7b1703ed71d30deae52dabf39b639cad2c278ad9d9dd825b214a
ff252c24b32aa7ee418051e6a35c58d68b9d5827d4584818ddfc1fe3fc6019e9