leekangw.github.io Open in urlscan Pro
2606:50c0:8002::153 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://leekangw.github.io/
Effective URL:
https://leekangw.github.io/
Submission: On February 02 via api (February 2nd 2024, 8:39:23 am UTC) from US — Scanned from DE

Summary HTTP 148 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 43 IPs in 6 countries across 27 domains to perform 148 HTTP transactions. The main IP is 2606:50c0:8002::153, located in United States and belongs to FASTLY, US. The main domain is leekangw.github.io.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 21st 2023. Valid for: a year.

This is the only time leekangw.github.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:50c0:800... 2606:50c0:8003::153	54113 (FASTLY) (FASTLY)
6	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
24	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::15	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6 8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
8	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:21f... 2600:9000:21f3:2400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
4	88.99.165.19 88.99.165.19	24940 (HETZNER-AS) (HETZNER-AS)
1	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.64.122.89 104.64.122.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	159.69.70.9 159.69.70.9	24940 (HETZNER-AS) (HETZNER-AS)
1	18.66.192.112 18.66.192.112	16509 (AMAZON-02) (AMAZON-02)
1	2a0b:4d07:102::1 2a0b:4d07:102::1	44239 (PROINITY ...) (PROINITY PROINITY)
2	91.121.248.44 91.121.248.44	16276 (OVH) (OVH)
1	18.134.223.160 18.134.223.160	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
1	2.23.68.89 2.23.68.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.86.121 65.9.86.121	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:26d... 2600:9000:26db:fe00:a:deb0:3380:93a1	16509 (AMAZON-02) (AMAZON-02)
6	184.30.20.47 184.30.20.47	16625 (AKAMAI-AS) (AKAMAI-AS)
1	108.138.36.89 108.138.36.89	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
3	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	52.28.104.40 52.28.104.40	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	13.42.93.91 13.42.93.91	16509 (AMAZON-02) (AMAZON-02)
148	43

1 2606:50c0:8003::153 (United States) 1 redirects

ASN54113 (FASTLY, US)

leekangw.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

leekangw.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::15 (United States)

ASN15169 (GOOGLE, US)

hits.seeyoufarm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.46 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:2400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.99.165.19 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.19.165.99.88.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.122.89 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-122-89.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 159.69.70.9 (Nuremberg, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.9.70.69.159.clients.your-server.de

hal900017.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-112.muc50.r.cloudfront.net

ajs-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:102::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

adv.office-partner.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.121.248.44 (Paris, France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.134.223.160 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-223-160.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.198 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.23.68.89 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-68-89.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-121.ams1.r.cloudfront.net

agen-assets.ftstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26db:fe00:a:deb0:3380:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 184.30.20.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-47.deploy.static.akamaitechnologies.com

cdn.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.36.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-89.muc50.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.104.40 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-104-40.eu-central-1.compute.amazonaws.com

ad-events.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.42.93.91 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-42-93-91.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	466 KB
23	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 309589	93 KB
20	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386 csm.eu.criteo.net — Cisco Umbrella Rank: 8850	134 KB
9	flashtalking.com servedby.flashtalking.com — Cisco Umbrella Rank: 954 cdn.flashtalking.com — Cisco Umbrella Rank: 1296 ad-events.flashtalking.com — Cisco Umbrella Rank: 1404 stat.flashtalking.com — Cisco Umbrella Rank: 1445 secure.flashtalking.com — Cisco Umbrella Rank: 2387	157 KB
8	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 38309 hal900017.redintelligence.net — Cisco Umbrella Rank: 247115	57 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	4 KB
7	github.io 1 redirects leekangw.github.io	201 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	6 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	393 KB
5	gstatic.com fonts.gstatic.com	81 KB
4	ad-score.com js.ad-score.com — Cisco Umbrella Rank: 3066 data.ad-score.com — Cisco Umbrella Rank: 2906	161 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	340 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 28599 api.webgains.io — Cisco Umbrella Rank: 69568	19 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15704	59 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	medialead.de pv.medialead.de — Cisco Umbrella Rank: 41332	687 B
2	ftstatic.com ajs-assets.ftstatic.com — Cisco Umbrella Rank: 1744 agen-assets.ftstatic.com — Cisco Umbrella Rank: 1473	29 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69384	437 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 16092	702 B
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 55633	2 KB
1	office-partner.de adv.office-partner.de — Cisco Umbrella Rank: 148117	923 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	5 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 2006	581 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2029	256 B
1	seeyoufarm.com hits.seeyoufarm.com — Cisco Umbrella Rank: 551424	1 KB
148	27

	Domain	Requested by
24	pagead2.googlesyndication.com	leekangw.github.io pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
10	imageproxy.eu.criteo.net	ads.eu.criteo.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	static.criteo.net	ads.eu.criteo.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
7	leekangw.github.io	1 redirects leekangw.github.io cdn.jsdelivr.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	cdn.jsdelivr.net	leekangw.github.io cdn.jsdelivr.net
5	fonts.gstatic.com	fonts.googleapis.com
4	hal900017.redintelligence.net	1 redirects googleads.g.doubleclick.net hal900017.redintelligence.net
4	hal9000.redintelligence.net	googleads.g.doubleclick.net hal900017.redintelligence.net
4	www.googletagmanager.com	leekangw.github.io adv.office-partner.de www.googletagmanager.com
3	stat.flashtalking.com
3	data.ad-score.com	js.ad-score.com
3	ad.doubleclick.net	googleads.g.doubleclick.net 8019191.fls.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	ad-events.flashtalking.com
2	cdn.flashtalking.com	ajs-assets.ftstatic.com leekangw.github.io
2	8019191.fls.doubleclick.net	1 redirects leekangw.github.io
2	pv.medialead.de	hal900017.redintelligence.net googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	fonts.googleapis.com	leekangw.github.io hal900017.redintelligence.net
1	secure.flashtalking.com
1	www.google.com	tpc.googlesyndication.com
1	adservice.google.com	8019191.fls.doubleclick.net
1	cdn.track.production.webgains.team	googleads.g.doubleclick.net
1	analytics.webgains.io	track.webgains.com
1	js.ad-score.com	ajs-assets.ftstatic.com
1	agen-assets.ftstatic.com	ajs-assets.ftstatic.com
1	www.awin1.com	googleads.g.doubleclick.net
1	track.webgains.com	leekangw.github.io
1	adv.office-partner.de	hal900017.redintelligence.net
1	ajs-assets.ftstatic.com	servedby.flashtalking.com
1	servedby.flashtalking.com	googleads.g.doubleclick.net
1	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	region1.google-analytics.com	www.googletagmanager.com
1	hits.seeyoufarm.com	leekangw.github.io
148	44

This site contains links to these domains. Also see Links.

Domain
hits.seeyoufarm.com
github.com
twitter.com
jekyllrb.com

Subject Issuer	Validity	Valid
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
hits.seeyoufarm.com GTS CA 1D4	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.imrworldwide.com GlobalSign RSA OV SSL CA 2018	`2024-01-02` - `2025-02-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
redintelligence.net R3	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-08` - `2024-03-03`	3 months	crt.sh
servedby.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-09-14` - `2024-09-14`	a year	crt.sh
*.ftstatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
adv.office-partner.de R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
pv.medialead.de R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh
*.webgains.com Amazon RSA 2048 M01	`2023-05-15` - `2024-06-13`	a year	crt.sh
www.awin1.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-10` - `2025-01-10`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2023-09-02` - `2024-10-03`	a year	crt.sh
cdn.flashtalking.com DigiCert TLS RSA SHA256 2020 CA1	`2023-05-04` - `2024-05-03`	a year	crt.sh
*.webgains.io Amazon RSA 2048 M01	`2023-07-24` - `2024-08-22`	a year	crt.sh
cdn.track.production.webgains.team Amazon RSA 2048 M03	`2023-08-30` - `2024-09-27`	a year	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
ad-events.flashtalking.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-17` - `2024-09-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 20 frames:

Primary Page: https://leekangw.github.io/
Frame ID: B36B501FB603483CCEA0CBA2556DB2DE
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_inhead_fy2021.html?hello=world
Frame ID: E91D313288EEDFF6081990F7966C0F82
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&adk=1812271804&adf=3025194257&lmt=1698915193&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fleekangw.github.io%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158782&bpp=20&bdt=116&idt=197&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4106480496177&frm=20&pv=2&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=208
Frame ID: 231091D8C6700CFE6AD102430E76B680
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=600&slotname=3225019129&adk=4081495040&adf=1200720800&pi=t.ma~as.3225019129&w=212&fwrn=4&fwrnh=100&lmt=1698915193&rafmt=1&format=212x600&url=https%3A%2F%2Fleekangw.github.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158802&bpp=7&bdt=135&idt=193&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=24&ady=619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
Frame ID: DFA5E91E6E5085F258E2FC1049C96956
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Frame ID: FD640FC19DC191C5559016020889A179
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=3694931959&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158816&bpp=5&bdt=150&idt=202&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600%2C858x140&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=207
Frame ID: 008CB221AFC4B80FECB0DE167900A2FC
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbyqNwAAcXgIFVp9AAUeFUHYRr7OB2suB08j4Q&u=%7CjlT0%2FacZ0%2BrfgwbWbqzYdz666K9Wk3IV9G0hbC0fSCI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2ziwMkVTe5fvUdz0zx8syQO6EFFgYV5fN6mzW3clqtoRdM7w-kiJkGTKuhDuqX_cO_5JT9Jd6h25ouUu06fvnNJ5NSbS0CWduX_SgEgyCth-BRkSfbbbSDmc92TfYnfWybwNynyqDm9yaSj4iOtd8gxLNvYYYNEQB3Kqp2vD7WrtTTfj8qjDqNF3CdfXPFNv_MAk7pIMEPdP6HvNiwYAIq08jtRYyahp2PEwnFCgzajsj5rqtHlmV9cQUcQFbMPq8Zj0COnS5HzEt8T8uIrjyv6ggh0lP9fIjAEYOmEjFtVaZy3SF4jQy490T732iZtc-8711eh_-ZsH9Jwf7BWKitBwxGHsBmgI_iDCRx-QZk3Z4hPARwXW-GQa5v_rc2aF7O8oIMmESA56AMtHqTN-Km81x7I1nRCHEqpc38g_UqBE61thm5KfI0GA1_zKM5ikUB76NHVMLOJ-s7TcLVh2u-2c2bv0C-PMXf0zXtRCuFuyLxWNqBcVPFAEhyKG0b6XGqHWG3rwLZI6GFxzhDO9U9jDVKxd_y3NLazZKm3_9hB8mNrQKf0UGQZDZ4lwFamIm1HLcGwbyI1YLBdLOB3PZcoWwmmOrkND4kw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC25OzN6q8ZfjiAf201fAPlbyU4AfJntKxXPXqoYaIAcCNtwEQASAAYJXi9YGUB4IBF2NhLXB1Yi00NjEyMTYyMTg1MjA5NzEzyAEJqQI9mh0vtj2yPqgDAcgDAqoE5QFP0HZq3arw_MaJeYcozaXeeYxqVXErZUoXXQHY9RalPFgx_-x_SYvBqEwoSud4SeXPxVR7OEABDCJTwhVFWhSHdRO6IMHnBahUhOLYJHqaqCA9VJHmuhxCUHeBfh76eonmFw5eu7h8kpLWsMostAK4p-mIxckRGBYMGKD-7HM82sLEXA-fKy9XShnATcJXam1JR-KA1lpg7NgeuRqau8Gk3ALkwyj9ivRfoFVcY1Ql_OznDLYiVdTOkzVzndPJPbMWyu-HCE8rS5W-rvNS4xv8KQVyfVjt840a76reWEaRyLbd5aWqgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIIwiA4YAQEAEyAqoCOgiAQICAhICABEi9_cE6WNP8l-KgjIQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bZ7MdkTIsw0KPV4NX4g0PZlG5mw%26client%3Dca-pub-4612162185209713%26adurl%3D
Frame ID: 7EF582607357EA240B24A1E2F7C47BC8
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVkXjz7RsaQ-BSHOW6QpQhsWwkzMNWnevF5VrLbbU-F9H6trsbOBVEfUjyhAzFR8gM6MqG5IWQmBtqRfgxOwhB1Ou8gNDN2lv5tmyuMzzJXYveIXB8tw3sYrFqK1-jpvw1PlQw_WEpXdhZHgBYir8QE_06JsbRJOWBH6z02Mt5z3piK9RY
Frame ID: D940E745FD192AF3DA42305D38C0423C
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B8B055295261D1980C717D81A25D76E9
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQY_MqegAIwAQ&v=APEucNXBUeJoyQ3-5YfODQhc8jhtCaLhjzYoTuF79givg4JntohQMKzWn8lcn7GcD3nnuLiI1IhjzPwx_Q7oi9i7AFxbgz5esKpSawf5X64G-GYRaVRXiqCvqCbhen71NTJocXhBrdGObHCtcMej3ETOczv5-V_Z86ghlgh_Z1l8sdNwRX2IafA
Frame ID: EFE2A8A1781E80146591C65A04B323A0
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B486783986CDA39C44BDC1591052A65D
Requests: 34 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 956AFECA5811F72BDC883D1DE9373DB1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 16E72421762B5D6E7C43F633C9068136
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 2DA46C752E0CA841E979BC24C1A10E7C
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873e27022e22519b6a9?subid=29308200044990004444550012588017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: 4F95ED2611A5689DC8B177079964DA8F
Requests: 1 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSq2uKgjIQDFaZgHgIdCwEC6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627
Frame ID: 15AB2E3A59616EE6FEA68763420CB4EC
Requests: 3 HTTP requests in this frame

Frame: https://hal900017.redintelligence.net/request_content.php?s=29308200044990004444550012588017&a=87b7803a
Frame ID: 940B6E12F473DBD49648DF61F702186F
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: DA10035B0B36D96B3DBA1E1C15F0179F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1A979336C2BD22462670B7A55AE85FCE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C5E2F4636C28000F1E0FE3C534817ABB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Night's Devlog

Page URL History Show full URLs

http://leekangw.github.io/ HTTP 301
https://leekangw.github.io/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

GitHub Pages (CDN) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.github\.io

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

148
Requests

92 %
HTTPS

53 %
IPv6

27
Domains

44
Subdomains

43
IPs

6
Countries

2399 kB
Transfer

5892 kB
Size

18
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://hits.seeyoufarm.com/

Search URL Search Domain Scan URL

URL: https://github.com/LeeKangW

Search URL Search Domain Scan URL

URL: https://twitter.com/

Search URL Search Domain Scan URL

URL: https://jekyllrb.com/
Title: Jekyll

Search URL Search Domain Scan URL

URL: https://github.com/cotes2020/jekyll-theme-chirpy
Title: Chirpy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://leekangw.github.io/ HTTP 301
https://leekangw.github.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIntpGz4fVwcSSgttHiTLw&google_cver=1

Request Chain 47

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbyqN3wBc1t6GDVleKmKmgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1

Request Chain 48

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC6LhxamCi9Smj-63LYKINg&google_cver=1

Request Chain 49

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2MjU2MzMzNjk1Mzc5MjYzMw%3D%3D

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbyqN3wBc1t6GDVleKmKmgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGncb61vSrlAFxg6VSEPjiY&google_cver=1

Request Chain 62

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2MjU2MzMzNjk1Mzc5MjYzMw%3D%3D

Request Chain 93

https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=be6138669f&subid=&uid=0849b6d46c3faf6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3vTN6q8ZZCEB7Gs2OMP2PGtsAim5b2gaYWVnKfJD_AuEAEgrZWljgFgleL1gZQHyAEJqQI9mh0vtj2yPqgDAcgDmwSqBJACT9B1uvcvtYcisByHHEkaWvS8KGonj-MpP5bdgaa5pL8TUMwuX9uJm462Jn_Q8IG6XViPRW_0oW5qDmQFM2N8u2cnh7djFA5QUZ0hSBIzYZL5axHHbJZDWDx6otDVIx4erQkxgK2swwYF3LYVwXtmLWL_5z_6vx96Uwv4JR-RffD8vtLS6FGJcEG8egXeCr-lJLn0OpHqruA16XaOcnxLqku5gBwm4VKnToCwwMCQhUQJ_i5juntn1OMiIQDh2HJ8QlmQ_FfT7W9jdI2yboN7CSlbWJz7210WxFtYA_92HkIgisnHMvLHgibniadH-TUU03EljGPzJ2dgj1i7w9MixwjNyYnsadl0nh8QM5yPsSLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJQiA4YAQEAEYHzICqgI6CIBAgICEgIAESL39wTpYkqaZ4qCMhAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ%26sig%3DAOD64_0z-qQSYDrq_77tkaUXP1UirofYTw%26client%3Dca-pub-4612162185209713%26dbm_c%3DAKAmf-AWXOQ38TJeIGnUPPInn1Pl-7RSl2M-Se01O-4bVK8iHD5EFgTk-EQc9Qa4sQtpYLjWykSSVsMh_yz7Nchc4FWg1V4dlDziU1bgR0e1x4GmQx5fJELu9UGa7zxUT1X0Sq8MqohsZNBEaBQ7h8XIdKuaakNqtGL4iiVRSrm9VSfrJd-ZaDQ%26cry%3D1%26dbm_d%3DAKAmf-AOWv6YlVCEIQCANn5Ty4DdvxEm5n9U10GLM8w-6pk5SuGvMmFjqIIvLewtW82RH9eG3_Y3qPMIndxze2QEBhnoz9Vzy_XMYYQP1NgH7NbtI_Spt4p-naqLL3jgYYdAuSF3m2G6FG__MVns-Iu_Ws7NfQYVEgh44NaKlZzkLj5nWzR_Tm859-RPjq1gv55pH6DxeYH22RGFdmth8rOrBnlgdtnur16PhOgeJ_CJPQd6LmiAS6xn81s7fVihJrLOtM5wfXqv6nuLICMuhYEY4t5o_lUHph4nOcTR8HdK8lLGSzHsFy_U1bGaACPGka562_Bhw600nHgXXatluoM9QtjuixwrH0NQNtHr4CPxYlpbHosA5nlqU0P0Lremo0ZhwLxvm9OpIEWXJgDAEKqkmkyChggVtdpF2DJx9r3B8PDQp5sZ3X0jOUtn6zcObXF-MUbHF7XWq7UDGYYptD3We-ZAXgu1jF0jHB6TkU7njs9F7HsJP3mqldHbGFygZPbEQlapkirhlIvv-frQ7LjCoVGVUD4smRN9TfsppP8EnLI25eBnN3adRKJ3EPKzumcp3vp4-4Pm%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4612162185209713%26output%3Dhtml%26h%3D140%26slotname%3D9466993845%26adk%3D236759356%26adf%3D3694931959%26pi%3Dt.ma~as.9466993845%26w%3D858%26lmt%3D1698915193%26rafmt%3D11%26format%3D858x140%26url%3Dhttps%253A%252F%252Fleekangw.github.io%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1706863158816%26bpp%3D5%26bdt%3D150%26idt%3D202%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C212x600%252C858x140%26nras%3D1%26correlator%3D4106480496177%26frm%3D20%26pv%3D1%26ga_vid%3D1863963592.1706863159%26ga_sid%3D1706863159%26ga_hid%3D838409285%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D338%26ady%3D1764%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C44809004%252C31080826%252C95322180%252C95323007%26oid%3D2%26pvsid%3D989059356523449%26tmod%3D1338357150%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D207&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fleekangw.github.io&random=3493803717467&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=be6138669f&subid=&uid=0849b6d46c3faf6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3vTN6q8ZZCEB7Gs2OMP2PGtsAim5b2gaYWVnKfJD_AuEAEgrZWljgFgleL1gZQHyAEJqQI9mh0vtj2yPqgDAcgDmwSqBJACT9B1uvcvtYcisByHHEkaWvS8KGonj-MpP5bdgaa5pL8TUMwuX9uJm462Jn_Q8IG6XViPRW_0oW5qDmQFM2N8u2cnh7djFA5QUZ0hSBIzYZL5axHHbJZDWDx6otDVIx4erQkxgK2swwYF3LYVwXtmLWL_5z_6vx96Uwv4JR-RffD8vtLS6FGJcEG8egXeCr-lJLn0OpHqruA16XaOcnxLqku5gBwm4VKnToCwwMCQhUQJ_i5juntn1OMiIQDh2HJ8QlmQ_FfT7W9jdI2yboN7CSlbWJz7210WxFtYA_92HkIgisnHMvLHgibniadH-TUU03EljGPzJ2dgj1i7w9MixwjNyYnsadl0nh8QM5yPsSLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJQiA4YAQEAEYHzICqgI6CIBAgICEgIAESL39wTpYkqaZ4qCMhAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ%26sig%3DAOD64_0z-qQSYDrq_77tkaUXP1UirofYTw%26client%3Dca-pub-4612162185209713%26dbm_c%3DAKAmf-AWXOQ38TJeIGnUPPInn1Pl-7RSl2M-Se01O-4bVK8iHD5EFgTk-EQc9Qa4sQtpYLjWykSSVsMh_yz7Nchc4FWg1V4dlDziU1bgR0e1x4GmQx5fJELu9UGa7zxUT1X0Sq8MqohsZNBEaBQ7h8XIdKuaakNqtGL4iiVRSrm9VSfrJd-ZaDQ%26cry%3D1%26dbm_d%3DAKAmf-AOWv6YlVCEIQCANn5Ty4DdvxEm5n9U10GLM8w-6pk5SuGvMmFjqIIvLewtW82RH9eG3_Y3qPMIndxze2QEBhnoz9Vzy_XMYYQP1NgH7NbtI_Spt4p-naqLL3jgYYdAuSF3m2G6FG__MVns-Iu_Ws7NfQYVEgh44NaKlZzkLj5nWzR_Tm859-RPjq1gv55pH6DxeYH22RGFdmth8rOrBnlgdtnur16PhOgeJ_CJPQd6LmiAS6xn81s7fVihJrLOtM5wfXqv6nuLICMuhYEY4t5o_lUHph4nOcTR8HdK8lLGSzHsFy_U1bGaACPGka562_Bhw600nHgXXatluoM9QtjuixwrH0NQNtHr4CPxYlpbHosA5nlqU0P0Lremo0ZhwLxvm9OpIEWXJgDAEKqkmkyChggVtdpF2DJx9r3B8PDQp5sZ3X0jOUtn6zcObXF-MUbHF7XWq7UDGYYptD3We-ZAXgu1jF0jHB6TkU7njs9F7HsJP3mqldHbGFygZPbEQlapkirhlIvv-frQ7LjCoVGVUD4smRN9TfsppP8EnLI25eBnN3adRKJ3EPKzumcp3vp4-4Pm%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4612162185209713%26output%3Dhtml%26h%3D140%26slotname%3D9466993845%26adk%3D236759356%26adf%3D3694931959%26pi%3Dt.ma~as.9466993845%26w%3D858%26lmt%3D1698915193%26rafmt%3D11%26format%3D858x140%26url%3Dhttps%253A%252F%252Fleekangw.github.io%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1706863158816%26bpp%3D5%26bdt%3D150%26idt%3D202%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C212x600%252C858x140%26nras%3D1%26correlator%3D4106480496177%26frm%3D20%26pv%3D1%26ga_vid%3D1863963592.1706863159%26ga_sid%3D1706863159%26ga_hid%3D838409285%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D338%26ady%3D1764%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C44809004%252C31080826%252C95322180%252C95323007%26oid%3D2%26pvsid%3D989059356523449%26tmod%3D1338357150%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D207&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fleekangw.github.io&random=3493803717467&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 103

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSq2uKgjIQDFaZgHgIdCwEC6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627

148 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
leekangw.github.io/
Redirect Chain

http://leekangw.github.io/
https://leekangw.github.io/

27 KB
8 KB

146ms
119ms

Document
text/html

2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

dbcaaffb8316ec8f2e6ee6825a8bde4bfe9866993f5d6b30766ad0cb7f15146c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 0
cache-control: max-age=600
content-encoding: gzip
content-length: 7759
content-type: text/html; charset=utf-8
date: Fri, 02 Feb 2024 08:39:18 GMT
etag: W/"65436379-6abd"
expires: Fri, 02 Feb 2024 08:49:18 GMT
last-modified: Thu, 02 Nov 2023 08:53:13 GMT
permissions-policy: interest-cohort=()
server: GitHub.com
strict-transport-security: max-age=31556952
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-fastly-request-id: 83b1d3cf3146219c1d99b90771573b77750449d5
x-github-request-id: 5FF6:0EBE:436D3B3:44D51EC:65BCAA36
x-proxy-cache: MISS
x-served-by: cache-ams21043-AMS
x-timer: S1706863159.550319,VS0,VE107

Redirect headers

Accept-Ranges: bytes
Age: 0
Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Fri, 02 Feb 2024 08:39:18 GMT
Location: https://leekangw.github.io/
Server: GitHub.com
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-Cache-Hits: 0
X-Fastly-Request-ID: 803d6fcf6e1e771d671d668d734e97fd9b88d4a0
X-GitHub-Request-Id: 1A70:2C1448:3BCE959:3CFCDD8:65BCAA36
X-Served-By: cache-ams21040-AMS
X-Timer: S1706863158.408104,VS0,VE102
permissions-policy: interest-cohort=()

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
51 KB 73ms
50ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4612162185209713

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bc7efc8c589298b44bb63c71158d9a15aa244ea977f90ecbceaa68c6601f565

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leekangw.github.io/
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51370
x-xss-protection: 0
server: cafe
etag: 7038470704666981424
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 02 Feb 2024 08:39:18 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 48ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M41H0PRK7N

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

28300c650d86a63c22733cac8b4ce85bd62c3029620d11742c0b12a98b6bb04b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 08:39:18 GMT

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 54ms
29ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;600;700;900&display=swap

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a3dfc01bfefc0087efec74c8b50a7813e3c0a828d99867102d08a0afc8612fde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Feb 2024 08:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 08:39:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Feb 2024 08:39:18 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/ 190 KB
29 KB 42ms
21ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.2.3/dist/css/bootstrap.min.css

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8045105
x-jsd-version: 5.2.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230083-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2f955-d5HdHzFzoNYsw5wh0q1x/I2tDnI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E2EO%2F0ZAOrGRqOzNZiAo2teD9cGh%2FTlB8QyEZMa2Q60DBvA3%2BtJC5XTJs5m4rri4kzemhXMYeHa6eOmTqYkDPSjMoR74PgRx0IIyypHAVQpsFgf5aQCVZZUvZvSvUrPpB8mL7qKiubWEqbyB3nE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84f11f75d8febbc8-FRA

GET
H2 200 all.min.css
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/css/ 100 KB
23 KB 40ms
19ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/css/all.min.css

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5542180
x-jsd-version: 6.4.0
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230110-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"18e89-jAbYJznRSwlP9tkDYCGiUr0dmF0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uh%2FMMh3PX616tQTLGIp%2B%2F6gSA3orA3YDE7yIg7TGb1l5v7UR7Oynlm0UcPU8v5j0Tv8OtteKm%2FdffzOWU%2Bks2%2F9659cKbFQ6JYc3Ch3BLVc57KL24n8ZvR5VyWnXSeb1%2BFJGVuYbZA%2BxrITRQIo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84f11f75d8fbbbc8-FRA

GET
H2 200 style.css
leekangw.github.io/assets/css/ 67 KB
12 KB 120ms
115ms Stylesheet
text/css 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://leekangw.github.io/assets/css/style.css

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

a03f17cc2800b943db9fc43b6922530bd460b6e0362ee23f087f8f5b13e528c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-fastly-request-id: 8356193fbe70206758e5721c61756200cf739db0
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Fri, 02 Feb 2024 08:39:18 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 12391
x-served-by: cache-ams21043-AMS
last-modified: Thu, 02 Nov 2023 08:53:13 GMT
server: GitHub.com
x-github-request-id: F9AE:364744:B6D35D:BAEE19:65BCAA36
x-timer: S1706863159.678095,VS0,VE101
etag: W/"65436379-10ddc"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Fri, 02 Feb 2024 08:49:18 GMT

GET
H2 200 blog_icon.jpg
leekangw.github.io/assets/img/ 53 KB
53 KB 137ms
133ms Image
image/jpeg 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://leekangw.github.io/assets/img/blog_icon.jpg

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

8842a8f110d5266ec17ed32c20d373c1d5eff7c7143d04e42359474bfd5f54b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-fastly-request-id: 6566c0ba73ab934a398a01e418b716091289731c
strict-transport-security: max-age=31556952
date: Fri, 02 Feb 2024 08:39:18 GMT
via: 1.1 varnish
x-cache-hits: 0
age: 0
x-cache: MISS
x-proxy-cache: MISS
content-length: 53812
x-served-by: cache-ams21043-AMS
last-modified: Thu, 02 Nov 2023 08:50:20 GMT
server: GitHub.com
x-github-request-id: 5A98:EABB9:47A9DD4:4916CE5:65BCAA36
x-timer: S1706863159.678043,VS0,VE120
etag: "654362cc-d234"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Fri, 02 Feb 2024 08:49:18 GMT

GET
H2 200 badge.svg
hits.seeyoufarm.com/api/count/incr/ 936 B
1 KB 199ms
132ms Image
image/svg+xml 2001:4860:4802:32::15
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hits.seeyoufarm.com/api/count/incr/badge.svg?url=https%3A%2F%2Fleekangw.github.io&count_bg=%235A5A5A&title_bg=%2300C5FF&icon=&icon_color=%23000000&title=visitors&edge_flat=false

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:32::15 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

5479c67bc793969961db0fba17823653327a1066e5f60f5d21c3a6dfd2f834ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubdomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:18 GMT
via: 1.1 google
strict-transport-security: max-age=2592000; includeSubdomains; preload
content-type: image/svg+xml
cache-control: no-cache, no-store, must-revalidate
content-length: 936
expires: 0

GET
H2 200 localizedFormat.min.js Show response
cdn.jsdelivr.net/combine/npm/jquery@3.7.0/dist/jquery.min.js,npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js,npm/simple-jekyll-search@1.10.0/dest/simple-jekyll-search.min.js,npm/lazysizes@5.3.2... 187 KB
63 KB 27ms
26ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/combine/npm/jquery@3.7.0/dist/jquery.min.js,npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js,npm/simple-jekyll-search@1.10.0/dest/simple-jekyll-search.min.js,npm/lazysizes@5.3.2/lazysizes.min.js,npm/dayjs@1.11.7/dayjs.min.js,npm/dayjs@1.11.7/locale/en.min.js,npm/dayjs@1.11.7/plugin/relativeTime.min.js,npm/dayjs@1.11.7/plugin/localizedFormat.min.js

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c424026592e2f97ca179d813a8dfbe76cd156827b0253fcd071fb57310b111b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 686744
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-etou8220060-FRA, cache-lga21928-LGA
server: cloudflare
etag: W/"2ea52-3Tq/SgYbIPHYttWNgdWsmiMOZAc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1sw7%2FO9j6IC9D%2FhHit3B0Rwm%2BUcBWENfC2e6oRSaiX033gsCB9bHAd8%2FCHzwiUEXBaOb79yNOALRSRMDCCH38bs%2Bk%2BuN1ubCjUu16RZGo4PbNDGYj8j9mItYFWbW5w9viywJ87aqph3sUvewqDw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 84f11f7689b7bbc8-FRA

GET
H2 200 home.min.js Show response
leekangw.github.io/assets/js/dist/ 5 KB
2 KB 122ms
121ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://leekangw.github.io/assets/js/dist/home.min.js

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

e7773570573ca08c633a1a379230b59dcd189a2e606fb05854c7019e23bd8c47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-fastly-request-id: 3977835b7575f4544ea287aa84290b90227b4909
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Fri, 02 Feb 2024 08:39:18 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 2049
x-served-by: cache-ams21043-AMS
last-modified: Thu, 02 Nov 2023 08:50:20 GMT
server: GitHub.com
x-github-request-id: 9AA8:EABB9:47A9E0B:4916D17:65BCAA36
x-timer: S1706863159.807335,VS0,VE107
etag: W/"654362cc-13df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Fri, 02 Feb 2024 08:49:18 GMT

GET
H2 200 app.js Show response
leekangw.github.io/ 943 B
802 B 121ms
120ms Script
application/javascript 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://leekangw.github.io/app.js

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

05093fc29b69f47176cef4de948ca4f1c22d7703b8ce2e20c2725cc2be62080d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-fastly-request-id: a5bdaaa74244acf1c6117b576eba83ad48761171
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Fri, 02 Feb 2024 08:39:18 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 406
x-served-by: cache-ams21043-AMS
last-modified: Thu, 02 Nov 2023 08:53:13 GMT
server: GitHub.com
x-github-request-id: 28A2:0EC1:49CD42F:4B421D9:65BCAA36
x-timer: S1706863159.807301,VS0,VE107
etag: W/"65436379-3af"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Fri, 02 Feb 2024 08:49:18 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
256 B 47ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M41H0PRK7N&gtm=45je41v0v9132598213za200&_p=1706863158677&gcd=11l1l1l1l1&npa=0&dma_cps=sypham&dma=1&cid=1863963592.1706863159&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706863158&sct=1&seg=0&dl=https%3A%2F%2Fleekangw.github.io%2F&dt=Night%27s%20Devlog&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=391
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M41H0PRK7N
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://leekangw.github.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/ 406 KB
138 KB 92ms
69ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4612162185209713&plah=leekangw.github.io

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4612162185209713

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb3a20dbc5fc3dc1a19b35700732b894289142501dd5bbc2cf1a85a8ce8a57b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140908
x-xss-protection: 0
server: cafe
etag: 7665969183280553807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 08:39:18 GMT

GET
H2 200 zrt_lookup_inhead_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/ Frame E91D 9 KB
5 KB 54ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240131/r20190131/zrt_lookup_inhead_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4612162185209713

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leekangw.github.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 56546
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4202
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 16:56:52 GMT
etag: 16527497774665505917
expires: Thu, 15 Feb 2024 16:56:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 44ms
9ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3iu4nwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:58:29 GMT
x-content-type-options: nosniff
age: 222049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14188
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:53:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:58:29 GMT

GET
H3 200 fa-solid-900.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/webfonts/ 147 KB
147 KB 42ms
31ms Font
font/woff2 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/webfonts/fa-solid-900.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/css/all.min.css
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5457947
x-jsd-version: 6.4.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 150124
x-served-by: cache-fra-eddf8230107-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"24a6c-a5mqZQvRKjbKoU4BJ0Ndj0zTunM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2FN8YJq08MKWZaewrSrjXNgLJB9sY6uguTeQA89oG6Th0qbctInOyaR7ai7gRZ%2BmFsv9t%2FxxHlm1Uqe8KwnjIdM69XEVUQZvw%2FOR0tsh6BoB9rSGZinOnRx9BJhkZFhRCfKUg4dnHD8YNq6Fix0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f11f7698833a85-FRA

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 55ms
20ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 07:59:08 GMT
x-content-type-options: nosniff
age: 261610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14824
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 07:59:08 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 60ms
56ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4612162185209713

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3139d14c8cf6af557105bb9de05f1243643e37a619d8765df798bbc1d87b955

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leekangw.github.io/
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51367
x-xss-protection: 0
server: cafe
etag: 4734346536356394278
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 02 Feb 2024 08:39:18 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 46ms
15ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 18:47:48 GMT
x-content-type-options: nosniff
age: 222690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 18:47:48 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
15 KB 34ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Wed, 31 Jan 2024 14:12:54 GMT
x-content-type-options: nosniff
age: 152784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Jan 2025 14:12:54 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 41ms
17ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato&family=Source+Sans+Pro:wght@400;600;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Mon, 29 Jan 2024 22:07:30 GMT
x-content-type-options: nosniff
age: 297108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Jan 2025 22:07:30 GMT

GET
H3 200 fa-regular-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/webfonts/ 24 KB
25 KB 25ms
24ms Font
font/woff2 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/webfonts/fa-regular-400.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/css/all.min.css
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7963469
x-jsd-version: 6.4.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 24948
x-served-by: cache-fra-eddf8230137-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"6174-+zY9J8/f5xokP6KsPasoFSMrm34"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1y9gJMrb3UOmjTOp7AX%2FILl9hamKK%2BTxi4Y986aROtpF%2Fc0cM2dmYdzpYFY0ow%2Fiz2NS4z36cJLEe4o59MtFqs1B2RvzC2FObjq9P1UhVq5zSsjWiLf8fvM5Fyx8JGUk6jq8SOkg4XSdh2NaRI%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f11f7698893a85-FRA

GET
H3 200 fa-brands-400.woff2
cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/webfonts/ 105 KB
106 KB 54ms
53ms Font
font/woff2 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/@fortawesome/fontawesome-free@6.4.0/css/all.min.css
Origin: https://leekangw.github.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7186491
x-jsd-version: 6.4.0
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 108020
x-served-by: cache-fra-eddf8230055-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"1a5f4-Q1D5upM4RjT6819BxQPJnHZ/EGk"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CJKx4L4cI6TKJ0h%2Fll%2FT7gktK5CD3N9uZVipQfp39wiBTF9MDyN7%2BUkj%2BKuHrjSfQ2Gsx%2FRfLqWlj609z7LonYX4Es%2FeaINUedP%2BNQd54X6GzCxHYgVUbLt%2FqgiliA244NiUbMbHj12Oaax5jFg%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f11f7698863a85-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 277 KB
92 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M41H0PRK7N

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

405ed26a3e42faec2b163b01c0b614c318138def8e32da3ad1b34bb76d0480eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94000
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 08:39:18 GMT

GET
H2 200 search.json Show response
leekangw.github.io/assets/js/data/ 490 KB
125 KB 146ms
146ms XHR
application/json 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://leekangw.github.io/assets/js/data/search.json

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/combine/npm/jquery@3.7.0/dist/jquery.min.js,npm/bootstrap@5.2.3/dist/js/bootstrap.bundle.min.js,npm/simple-jekyll-search@1.10.0/dest/simple-jekyll-search.min.js,npm/lazysizes@5.3.2/lazysizes.min.js,npm/dayjs@1.11.7/dayjs.min.js,npm/dayjs@1.11.7/locale/en.min.js,npm/dayjs@1.11.7/plugin/relativeTime.min.js,npm/dayjs@1.11.7/plugin/localizedFormat.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

GitHub.com /

Resource Hash

689770f9f15ed9c68cfb8834c4473bb63cf8967ecd5b3b5930b6f4ff17ff5f4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-fastly-request-id: 70b9c9b6be2d938cd2b16425b4745a13c02534f9
strict-transport-security: max-age=31556952
content-encoding: gzip
via: 1.1 varnish
date: Fri, 02 Feb 2024 08:39:18 GMT
age: 0
x-cache: MISS
x-cache-hits: 0
x-proxy-cache: MISS
content-length: 127669
x-served-by: cache-ams21043-AMS
last-modified: Thu, 02 Nov 2023 08:53:13 GMT
server: GitHub.com
x-github-request-id: 595A:0EC1:49CD43F:4B421EB:65BCAA36
x-timer: S1706863159.852161,VS0,VE133
etag: W/"65436379-7a7a9"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
expires: Fri, 02 Feb 2024 08:49:18 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2310 0
159 B 237ms
236ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&adk=1812271804&adf=3025194257&lmt=1698915193&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fleekangw.github.io%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158782&bpp=20&bdt=116&idt=197&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4106480496177&frm=20&pv=2&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=208

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4612162185209713&plah=leekangw.github.io

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leekangw.github.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:19 GMT
expires: Fri, 02 Feb 2024 08:39:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DFA5 37 KB
15 KB 186ms
185ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=600&slotname=3225019129&adk=4081495040&adf=1200720800&pi=t.ma~as.3225019129&w=212&fwrn=4&fwrnh=100&lmt=1698915193&rafmt=1&format=212x600&url=https%3A%2F%2Fleekangw.github.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158802&bpp=7&bdt=135&idt=193&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=24&ady=619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d965f3a9df7b66192bc96b3ff4aeb802189ac961c7710d33a00fec474a0335aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leekangw.github.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 15132
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:19 GMT
expires: Fri, 02 Feb 2024 08:39:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FD64 46 KB
17 KB 479ms
478ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

343b94e49200f7c2ae4af0f2c9f5cc183b241d40c6e0854dd98b1fa142883736

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leekangw.github.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17892
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:19 GMT
expires: Fri, 02 Feb 2024 08:39:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 008C 43 KB
17 KB 429ms
429ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=3694931959&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158816&bpp=5&bdt=150&idt=202&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600%2C858x140&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=207

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8ac0cec888fb8419bc7420359d82bc6e0de8f2accc8edec1ad701d7bbddc529

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leekangw.github.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17183
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:19 GMT
expires: Fri, 02 Feb 2024 08:39:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame DFA5 3 KB
1 KB 342ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=600&slotname=3225019129&adk=4081495040&adf=1200720800&pi=t.ma~as.3225019129&w=212&fwrn=4&fwrnh=100&lmt=1698915193&rafmt=1&format=212x600&url=https%3A%2F%2Fleekangw.github.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158802&bpp=7&bdt=135&idt=193&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=24&ady=619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 23:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 23:32:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame DFA5 20 KB
9 KB 341ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:28:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFA5 205 KB
65 KB 406ms
73ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 08:39:19 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7EF5 189 KB
59 KB 397ms
67ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbyqNwAAcXgIFVp9AAUeFUHYRr7OB2suB08j4Q&u=%7CjlT0%2FacZ0%2BrfgwbWbqzYdz666K9Wk3IV9G0hbC0fSCI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2ziwMkVTe5fvUdz0zx8syQO6EFFgYV5fN6mzW3clqtoRdM7w-kiJkGTKuhDuqX_cO_5JT9Jd6h25ouUu06fvnNJ5NSbS0CWduX_SgEgyCth-BRkSfbbbSDmc92TfYnfWybwNynyqDm9yaSj4iOtd8gxLNvYYYNEQB3Kqp2vD7WrtTTfj8qjDqNF3CdfXPFNv_MAk7pIMEPdP6HvNiwYAIq08jtRYyahp2PEwnFCgzajsj5rqtHlmV9cQUcQFbMPq8Zj0COnS5HzEt8T8uIrjyv6ggh0lP9fIjAEYOmEjFtVaZy3SF4jQy490T732iZtc-8711eh_-ZsH9Jwf7BWKitBwxGHsBmgI_iDCRx-QZk3Z4hPARwXW-GQa5v_rc2aF7O8oIMmESA56AMtHqTN-Km81x7I1nRCHEqpc38g_UqBE61thm5KfI0GA1_zKM5ikUB76NHVMLOJ-s7TcLVh2u-2c2bv0C-PMXf0zXtRCuFuyLxWNqBcVPFAEhyKG0b6XGqHWG3rwLZI6GFxzhDO9U9jDVKxd_y3NLazZKm3_9hB8mNrQKf0UGQZDZ4lwFamIm1HLcGwbyI1YLBdLOB3PZcoWwmmOrkND4kw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC25OzN6q8ZfjiAf201fAPlbyU4AfJntKxXPXqoYaIAcCNtwEQASAAYJXi9YGUB4IBF2NhLXB1Yi00NjEyMTYyMTg1MjA5NzEzyAEJqQI9mh0vtj2yPqgDAcgDAqoE5QFP0HZq3arw_MaJeYcozaXeeYxqVXErZUoXXQHY9RalPFgx_-x_SYvBqEwoSud4SeXPxVR7OEABDCJTwhVFWhSHdRO6IMHnBahUhOLYJHqaqCA9VJHmuhxCUHeBfh76eonmFw5eu7h8kpLWsMostAK4p-mIxckRGBYMGKD-7HM82sLEXA-fKy9XShnATcJXam1JR-KA1lpg7NgeuRqau8Gk3ALkwyj9ivRfoFVcY1Ql_OznDLYiVdTOkzVzndPJPbMWyu-HCE8rS5W-rvNS4xv8KQVyfVjt840a76reWEaRyLbd5aWqgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIIwiA4YAQEAEyAqoCOgiAQICAhICABEi9_cE6WNP8l-KgjIQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bZ7MdkTIsw0KPV4NX4g0PZlG5mw%26client%3Dca-pub-4612162185209713%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eb449938e7af7411dcd1c436fbc293b05a3be79cb2368c656523f6a61239ec3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:18 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=7SYrc5ahXooD2a1cFimMUv0PhjREMt2m1CtMuHzf0CrpLL1tESN98FxPHlfMnHEuI4pLcXOiDBP244BXRSPz0mq1FV8uf2NsY0MhfO2bDmzoU_Y0M85ljeSOQ9LKC2gCCTaSAfda0Cjcjqoe0-3GhxX_y0bTgwNFlEEIyrBsmnRWryUGn770pV5c7yNc3hQmqIk8bZpB0ATmhNfBScpNAyuqXA7otc3C7dSvrCDsAhZdmVSh6vcPp7s9sXeAuheyStq4aA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 53400138
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D940 624 B
246 B 47ms
46ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVkXjz7RsaQ-BSHOW6QpQhsWwkzMNWnevF5VrLbbU-F9H6trsbOBVEfUjyhAzFR8gM6MqG5IWQmBtqRfgxOwhB1Ou8gNDN2lv5tmyuMzzJXYveIXB8tw3sYrFqK1-jpvw1PlQw_WEpXdhZHgBYir8QE_06JsbRJOWBH6z02Mt5z3piK9RY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=3694931959&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158816&bpp=5&bdt=150&idt=202&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600%2C858x140&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=207

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=3694931959&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158816&bpp=5&bdt=150&idt=202&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600%2C858x140&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=207
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:19 GMT
expires: Fri, 02 Feb 2024 08:39:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B8B0 93 KB
33 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 08:39:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame B8B0 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 23:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 23:32:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame B8B0 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:28:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8B0 205 KB
65 KB 99ms
98ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 08:39:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B0 42 B
63 B 38ms
38ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DZA4fb3k1daM3vwMoyw5tXNKwh-F0Z0hp47xnHms-uT5rOheeu58zxEnRbAE192GgcvYwwMBahkCjVyb3qXNnhiDWJS5UBQ_V2AajIHlkoWvHQeQc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame EFE2 624 B
246 B 49ms
47ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQY_MqegAIwAQ&v=APEucNXBUeJoyQ3-5YfODQhc8jhtCaLhjzYoTuF79givg4JntohQMKzWn8lcn7GcD3nnuLiI1IhjzPwx_Q7oi9i7AFxbgz5esKpSawf5X64G-GYRaVRXiqCvqCbhen71NTJocXhBrdGObHCtcMej3ETOczv5-V_Z86ghlgh_Z1l8sdNwRX2IafA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:19 GMT
expires: Fri, 02 Feb 2024 08:39:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B486 93 KB
33 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Fri, 02 Feb 2024 08:39:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame B486 3 KB
1 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 23:32:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32785
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 23:32:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/ Frame B486 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240131/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 16:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:28:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B486 205 KB
65 KB 85ms
83ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66348
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706704584918460"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 02 Feb 2024 08:39:19 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B486 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DWsLSgB1HHhEbmktYpzlbDIgdX-O5XtHXapsmzu0XyydU9bU7XgbZzvoJTuAyccdiZm4W49JBSobwn-IvcfXObE7g8UXSphrbmYzrwxUESTCAiZ4s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame DFA5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8bdac9dd8e8e67f3a3bbcc7e232a336f72ed4934f7bd619f4bbe8c5e041fec1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame D940
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIntpGz4fVwcSSgttHiTLw&google_cver=1

43 B
339 B

24ms
22ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIntpGz4fVwcSSgttHiTLw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVkXjz7RsaQ-BSHOW6QpQhsWwkzMNWnevF5VrLbbU-F9H6trsbOBVEfUjyhAzFR8gM6MqG5IWQmBtqRfgxOwhB1Ou8gNDN2lv5tmyuMzzJXYveIXB8tw3sYrFqK1-jpvw1PlQw_WEpXdhZHgBYir8QE_06JsbRJOWBH6z02Mt5z3piK9RY
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8ZcwniLkfjRa5uOpOXkHsKnk%2BNdYc4hZFYuuLKRIH7OpwyT56eqb%2BlUzI%2FAGeJnU2zxC86VOJ%2FgAdOHlDoD7Atq7CvWmtEtS1xuM%2FJ0uaNzyzCq79JocOtWGnqtCmriOZaAGGi5stoanHA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84f11f7be9169176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENIntpGz4fVwcSSgttHiTLw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D940
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbyqN3wBc1t6GDVleKmKmgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1

43 B
734 B

23ms
23ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVkXjz7RsaQ-BSHOW6QpQhsWwkzMNWnevF5VrLbbU-F9H6trsbOBVEfUjyhAzFR8gM6MqG5IWQmBtqRfgxOwhB1Ou8gNDN2lv5tmyuMzzJXYveIXB8tw3sYrFqK1-jpvw1PlQw_WEpXdhZHgBYir8QE_06JsbRJOWBH6z02Mt5z3piK9RY
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l70GZqIbxeAdb52OWjIix3y16E1xxwdf5W1fgOhDq2F9U0ziBkfb0HLNu2fVqEwh%2BfTNDRNeam%2B6216JovcH%2BkLUJGyH%2B1lTMeI3lJQKwlOZ%2BF6Fd6z9h5lvP0tEqCrdgRTI5VWxb2ozng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84f11f7cae6a049b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D940
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC6LhxamCi9Smj-63LYKINg&google_cver=1

43 B
1 KB

15ms
14ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC6LhxamCi9Smj-63LYKINg&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxj-rbvGATAB&v=APEucNVkXjz7RsaQ-BSHOW6QpQhsWwkzMNWnevF5VrLbbU-F9H6trsbOBVEfUjyhAzFR8gM6MqG5IWQmBtqRfgxOwhB1Ou8gNDN2lv5tmyuMzzJXYveIXB8tw3sYrFqK1-jpvw1PlQw_WEpXdhZHgBYir8QE_06JsbRJOWBH6z02Mt5z3piK9RY

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
an-x-request-uuid: 03b89fd6-c730-47e8-889d-bdbd19b0e72f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.44; 81.95.5.44; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC6LhxamCi9Smj-63LYKINg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D940
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2MjU2MzMzNjk1Mzc5MjYzMw%3D%3D

170 B
188 B

17ms
16ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2MjU2MzMzNjk1Mzc5MjYzMw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
an-x-request-uuid: 97a537b8-b61f-410a-8cb1-c60600d08a37
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2MjU2MzMzNjk1Mzc5MjYzMw%3D%3D
x-proxy-origin: 81.95.5.44; 81.95.5.44; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7EF5 2 KB
1 KB 43ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbyqNwAAcXgIFVp9AAUeFUHYRr7OB2suB08j4Q&u=%7CjlT0%2FacZ0%2BrfgwbWbqzYdz666K9Wk3IV9G0hbC0fSCI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2ziwMkVTe5fvUdz0zx8syQO6EFFgYV5fN6mzW3clqtoRdM7w-kiJkGTKuhDuqX_cO_5JT9Jd6h25ouUu06fvnNJ5NSbS0CWduX_SgEgyCth-BRkSfbbbSDmc92TfYnfWybwNynyqDm9yaSj4iOtd8gxLNvYYYNEQB3Kqp2vD7WrtTTfj8qjDqNF3CdfXPFNv_MAk7pIMEPdP6HvNiwYAIq08jtRYyahp2PEwnFCgzajsj5rqtHlmV9cQUcQFbMPq8Zj0COnS5HzEt8T8uIrjyv6ggh0lP9fIjAEYOmEjFtVaZy3SF4jQy490T732iZtc-8711eh_-ZsH9Jwf7BWKitBwxGHsBmgI_iDCRx-QZk3Z4hPARwXW-GQa5v_rc2aF7O8oIMmESA56AMtHqTN-Km81x7I1nRCHEqpc38g_UqBE61thm5KfI0GA1_zKM5ikUB76NHVMLOJ-s7TcLVh2u-2c2bv0C-PMXf0zXtRCuFuyLxWNqBcVPFAEhyKG0b6XGqHWG3rwLZI6GFxzhDO9U9jDVKxd_y3NLazZKm3_9hB8mNrQKf0UGQZDZ4lwFamIm1HLcGwbyI1YLBdLOB3PZcoWwmmOrkND4kw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC25OzN6q8ZfjiAf201fAPlbyU4AfJntKxXPXqoYaIAcCNtwEQASAAYJXi9YGUB4IBF2NhLXB1Yi00NjEyMTYyMTg1MjA5NzEzyAEJqQI9mh0vtj2yPqgDAcgDAqoE5QFP0HZq3arw_MaJeYcozaXeeYxqVXErZUoXXQHY9RalPFgx_-x_SYvBqEwoSud4SeXPxVR7OEABDCJTwhVFWhSHdRO6IMHnBahUhOLYJHqaqCA9VJHmuhxCUHeBfh76eonmFw5eu7h8kpLWsMostAK4p-mIxckRGBYMGKD-7HM82sLEXA-fKy9XShnATcJXam1JR-KA1lpg7NgeuRqau8Gk3ALkwyj9ivRfoFVcY1Ql_OznDLYiVdTOkzVzndPJPbMWyu-HCE8rS5W-rvNS4xv8KQVyfVjt840a76reWEaRyLbd5aWqgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIIwiA4YAQEAEyAqoCOgiAQICAhICABEi9_cE6WNP8l-KgjIQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bZ7MdkTIsw0KPV4NX4g0PZlG5mw%26client%3Dca-pub-4612162185209713%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 08:39:19 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7EF5 2 KB
1 KB 44ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 08:39:19 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7EF5 308 B
636 B 42ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 27 Jan 2025 08:39:19 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7EF5 293 B
622 B 41ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 27 Jan 2025 08:39:19 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7EF5 43 B
348 B 66ms
13ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tk4wGFM5f0MUAg_BvTGjTYK_zXDcVApEEPcLmaJS0xFLGCWBMMwS_zgUZ8KnoFFjqTQELbkvsw7p1sI0HxV7asY8_e4EKuw2T_MGL5Gcois2DvqhwkCw0IBPG45GloEFYbQrGseMCh1BR7Ltz-WeHoKO75Qy-JImnGb6d14Lxid37eK36WsQ785Q5EL7MeDr4xuUSlJ_bD2_ZR3wIbXk27D4pEtjM7nF_0IYyAFJmv6KP0w-HAPyksBRangdZUXZ-7HaV6G9H2_2t7NtNIG7Q6A4NINer5TftCCgi5pBOOr5_Ra8d46MTHB6mSvOTc_0gJelyGhVLe6Ee7AcVHQefhr36uFUW1xKPqw7mCLoXq0DHycfRfa9OXxZOsTcRyayDPxRb90WLvUCIrrJzMcq1nXOTcM3Ah035TPYn23eXGCmoB-Bpd8IY283MiBOojoOO5SY6w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1586720
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 7EF5 44 B
581 B 86ms
33ms Image
image/gif 2600:9000:21f3:2400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1706863159
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbyqNwAAcXgIFVp9AAUeFUHYRr7OB2suB08j4Q&u=%7CjlT0%2FacZ0%2BrfgwbWbqzYdz666K9Wk3IV9G0hbC0fSCI%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgNg2xIeFvE2ziwMkVTe5fvUdz0zx8syQO6EFFgYV5fN6mzW3clqtoRdM7w-kiJkGTKuhDuqX_cO_5JT9Jd6h25ouUu06fvnNJ5NSbS0CWduX_SgEgyCth-BRkSfbbbSDmc92TfYnfWybwNynyqDm9yaSj4iOtd8gxLNvYYYNEQB3Kqp2vD7WrtTTfj8qjDqNF3CdfXPFNv_MAk7pIMEPdP6HvNiwYAIq08jtRYyahp2PEwnFCgzajsj5rqtHlmV9cQUcQFbMPq8Zj0COnS5HzEt8T8uIrjyv6ggh0lP9fIjAEYOmEjFtVaZy3SF4jQy490T732iZtc-8711eh_-ZsH9Jwf7BWKitBwxGHsBmgI_iDCRx-QZk3Z4hPARwXW-GQa5v_rc2aF7O8oIMmESA56AMtHqTN-Km81x7I1nRCHEqpc38g_UqBE61thm5KfI0GA1_zKM5ikUB76NHVMLOJ-s7TcLVh2u-2c2bv0C-PMXf0zXtRCuFuyLxWNqBcVPFAEhyKG0b6XGqHWG3rwLZI6GFxzhDO9U9jDVKxd_y3NLazZKm3_9hB8mNrQKf0UGQZDZ4lwFamIm1HLcGwbyI1YLBdLOB3PZcoWwmmOrkND4kw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC25OzN6q8ZfjiAf201fAPlbyU4AfJntKxXPXqoYaIAcCNtwEQASAAYJXi9YGUB4IBF2NhLXB1Yi00NjEyMTYyMTg1MjA5NzEzyAEJqQI9mh0vtj2yPqgDAcgDAqoE5QFP0HZq3arw_MaJeYcozaXeeYxqVXErZUoXXQHY9RalPFgx_-x_SYvBqEwoSud4SeXPxVR7OEABDCJTwhVFWhSHdRO6IMHnBahUhOLYJHqaqCA9VJHmuhxCUHeBfh76eonmFw5eu7h8kpLWsMostAK4p-mIxckRGBYMGKD-7HM82sLEXA-fKy9XShnATcJXam1JR-KA1lpg7NgeuRqau8Gk3ALkwyj9ivRfoFVcY1Ql_OznDLYiVdTOkzVzndPJPbMWyu-HCE8rS5W-rvNS4xv8KQVyfVjt840a76reWEaRyLbd5aWqgAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIIwiA4YAQEAEyAqoCOgiAQICAhICABEi9_cE6WNP8l-KgjIQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bZ7MdkTIsw0KPV4NX4g0PZlG5mw%26client%3Dca-pub-4612162185209713%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:2400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: H8vBEhOvv1I20ynExJTvldjUaqb1-pI8TorXr_ZQzJIBVnXjeIpHpQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B0 0
20 B 44ms
43ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3446143132826&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B0 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3446143132826&version=m202401290101&ct=77&x=1&cor=7981786362068439000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B8B0 20 KB
13 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUssZHhn0EPtSeZQMj1A2HJctm8hz7iR5d7MY_N1IAyL5okDmYVQ5V4aA-qeQHVaeyeBkGGDW7iG7xry8NarhLu5bJYRTz41z2Gl-Xy5Q9KsnM8zRu9TaUSU2eCveqgGcOYBf5DvY4pR2U-tey9tBai6P7ED0znCkFG_Mp71NCnd_Y0Xc&cry=1&dbm_d=AKAmf-DVT0_IN4Txg5-HC4mZwPi_hCoemZV5BlXzt-NPNJDnpRq6Nwyei9bBa9Wabqwai9I5ERoe3wyjBV2MfUqkmlT_uJNADN5NyFTBJRA4p91Kxldrs5xegSSqH97ePAAIwDjoVvcss_XudHYZZVK9iEoclu0gJDbXYgf4LWMc4EqA6jHfu9OFWer-qxta-ufqMxHPudCqNuqHw1bjw-vqZm2C93GeTsEq0uGAzGPA328B2K7Lf3hks0OFE2UYik2IfN0asXysAAEJePl9Ul26P2MmDRNQbFwnYhkCrThb7a0rOQYZMUexQMzrNFtfDSgOsG2MDpBNBwz3-aRawevI5RrfqjKKxGxMWEWx7ed4dkJ7rYC9Qu-e6klSStvaN0sV3sDnQry2A_gtFzuPTxe240RmwMdJSyv1FKZyaEHB1ERDe1b6Vd3T2DUiMH_OcfRdW-VgroEG3O4dF6CjeJLxj_svw_4r7gYmS4OrTVVwaArJleaO2WBH2A-3pAXLKa0y-zzPD1skDBY_mNcmVsBKfOeeC6pLbc9IyyzH5Z1rC_TWuanICh60Ux-EX7DP7Dh-IBMSnacpt4M6n2Gr8991aVca5jmu33NXDHa1-lUZ1hP6feew1ro-ws7fbuG9b6k99hoekZSuacXbr4PkoDJOJo-K-X4oM2CgFVNavxVvQ7vnEKAvswaVPXZWk62lZy1-JWGBfzjWP_hlnBd-mZIETXQknFTKFkBwnyyzR41LLrLBFu9qsoy0XsKzgMzybNlW5mMosvwsTRWw16U7zpQEZuzSXm9_eyzCE5fCPPnik0HrDzR1SV8Drq7ek81b-Ex0tcRdW2xTx82ux547WZxgoiJ5lWADWKLkFJKsanODsa1G-QxzuQfZudJgjcbMB6wSppUbI0w8EG7yZtSnsxFBo46GczP7Qf7vTnHiSDNg2dlbWa_71pq1CAWHx6dxsZua0qH6-ZgXplQj2C7BqEMHwBr6Jw4g3LCjY02saAQDVkpkR1slXBeyxPvAGbyY6KfynUUJc7Ol5HiX-IZwjKGYrkAtV6suiJ8nMIoCT5ACvzTzfPhUk23md9rmtaWsXMxlFO_x0luF0Od7fRPZQaxLUpbAsm42kFbJH071P3tIaXFjgzOx2tBVdEOfhT8kVASEN3kWzwfwCPdIYDBoo4vpZnh4Zko94dcXC_BuVvp35eE29Bn_Q8kJDNM41ZUUq491RbruHGN-PcffPcp079WYW2Ss4G-NLXezL_sDifs46f6JJfaaXTXK5MCMPhswFWKFXnb_IMOXrZpg-KYtvzKaODqh1sUr40eo7XY3dt6mHAKQlDXNUuEny96ZFeZ7Ik_VpBTAU1s8Cef_HF07RD-BvrgZe6d9mn-y8OQ7jFe5ZeA3oxgF_27Zsp798wdqR4Q4TA6rX9rAoz_Tf0mH80nTjlQjPxz9TnJ7Ode5oyMN19rm9tEpLn06UKaiRW0xqbbTBqnVtF_sRDksqs_6WcyfJtQl9R7fDx558b8sg61Y7jn4IabrRxrDwuut0kl05anuUmxJaGDBa8DfXyxWWCD9pv0DBYCJxzOu-v4uAtTjPNqbZY7KzEuTmT3MoOjJHoZVoRD1irJGPXQY4qe1L857JqZH8cGtNGmW_v4ZiCUfJjueMA5fWsNpfZIaV-Aa2ByJ1Sqpri_9IGBQdBrD9oTlP654cVGn9NF2B-4stY0i3cU20KCfmEv00qo0BUO2mgJ2XgmYS70PJGRes8eZiT1HMDTNzMfhWS47TnALGYpTXDCLOV_xUjfi9XA7RlfX4xsq1GjeFxycZkUzKTn9y-b-8yEWDWH3aVq5CQFgBURvIg_qOVQ_MT3u0Htm6mTPczbHEdz0lspQqqvWMvqMNyQclSh7Wka_DaXd_Pw_ZlrDikk-4fAYpu237iJe2Yrv1M2oJo9-CdNA4lSrSGIAGnzCY3H9Ga209IeS6T9d5hH6LGwCmeqbhtu2NWRJqlYtCUFeLkv72yP8ePUjRnFyiJI7CAwHWmrYy3A9YNOUhUl4LIql91vKYtyGrWDV4COrnxSPDK3ncogB1UuCsuABGcSNYnBV8VrSkMiiGQ6VN27_SOcJL2eBr_72boMtNxv_Gum30TJqaolAJWLpOM_MIP2N6la3fkpjjz5wH17WDP6Lw9bYcmel7bTc8r_M5lxe7gSRgigLtnQmmDAhY0NsLrCnyvZSYaJ_S-zSEXW1HzyQpo0AWqZ8Z3GM1e_O8DOhB57G5XFKf8XA7Sp_8EtZBavtXZNQQ-SK-zxVKgVv0KZnwJyfJdtGD_2p_He2kh9XO9xEVCTXrJXXc48FtwPA2PHn6L-q71ZdcHSy21rt7GllNaqRsZpdlu7eWlPk2Ch5aA9F6erUwA4JM6eFZHbucA0GWcfOSiSg2p6Zj3taGcTBqiDRptq2URi5DCPq2lNk6VEjCpZD_ZkehYIpaqw7QkrStUKHhEmOmrwLR8iXqpKBOk1VRYjnMtAuB0_xXXvYSYWC39jmRtUaY-aAtdd6QkUHzl2VPU952pn6PTlJomkdY08fvqvvdjSXQEKBfeTba5Gjgg-aZ-P9SRRQocE7eXSwKNj94fjafmtnI2OsT-bdkgUBajd1CDTD6pqiBGrRUTWDvnhg4JBkkE2vIHf9NQk5JTuwYvbzKmNHLzicSK_Nhgdd8vLFd2EJEHtZ4wqoUo6Z8EWgN9cszzQGqkgwfpyAtVITmQ-hKsE9HTNmcw4AwXvHPy5fvIlj-q4NUp7dOIRBPlIUSrGMv8wgD38Euim7H_rJT3Jf2NZ9xetB38aGnP2-0RwcpKhhZAb5h_KJ3UpT96vPby9-_10SgXSpI1EizXxf5thFod4wE4MYhtLg7Ug_Jx-O9fI1ZOiNuCxyNyDxiNhYdfnnoFwCykJikg9ovtF_gUXuV_iwgPeNrFvvLYf2MHpDTiPGfqt23e1Dmdr5jOrwiFKpQjRHFYVUJP0xCm4MP8XoqU9mypkula-9bVa_9iD2lHB1uTkKYl8wcmjureQgQxn7rAXrZYZuOFq5yaAaA_rskDcnKUWl4d47VI2PjTOht44nMjXEOQmU1FD4E_-OZJ0wZcF2DH_m90lfYKZMthsBq2nkigNIVcmyblgcMJ2hEI1X3dDPY9ebGtfFcRI5uULmUbIwtGcYbea6pdbUvIGKplvpRD7zjSe3ztZMZ3XDzd3aSeARuAegyliM2poEyzCkc_eWkHbIIZEZJaeH5weU5z7Y01NANSUri1cgIIO7L6Tz7dGWHFmb0kScya7eruiHqtm_exDFBgPsss3CkiiGt28cBiuqcIlL4Vc5MsW8Isnd5mWu9i1aPoyRYLmXSleX_p54yKkfxojck7xTGPgF3A4iSmrcarMBFouBKD15F2rMGzL7lkNh6vXfCN-P1t4xnCwMHf-SWM3JKv8-Jvsc3TsZtwArIqYi1pH5as3GAoEqfpo-0G-1H28bBVs6LEraCxxR2_6bmBJGdN1lxOmkzyKuCGPfPLw7054gfeRaeVFg7-VhVcRiP_Ss_nOLY8RPj4Itf7ktmE5V8uxwoqzmrtzPDHemXSDDN2oS0I6u82KuM-SH8FGpOElNWinHO8U8Vb_2ayb24gL6nBs0gMost5q0GYZm5BSUs15BbwBvqhasWzJyw2eCNhej3exkSvhPfKPvA-dVCaOJJNR3YEc327mLq8LC1jxMeixQFwqNo1Wio4u18vJUQ9GMXDt7FWOwDmaZ0irTEnNYm-r4vCuLPhrl88vuelIVX9-WmvcaTQX7MwK2VXim345l7hwYpzdN809a8oSdenWwK0i-FXKgVWiFenTUSqRVm87IDzCd41llAG5aFYlyT094QSM9fpkEPA_RFdODPNCfjkjjCZ26txzgcuW8ybpBmhZSpc5Pw8qbxCAeeet_P8ThnwQLrkQd&cid=CAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fleekangw.github.io%2F&ds=l&xdt=1&iif=1&cor=7981786362068439000&adk=1761367584&idt=58&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

43d02ecc1dc3e479fd2cdd8f80cc6ef491c250ce2a231e729f51b8c18c474093

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=3694931959&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158816&bpp=5&bdt=150&idt=202&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600%2C858x140&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=207
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13609
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame EFE2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1

43 B
332 B

28ms
28ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQY_MqegAIwAQ&v=APEucNXBUeJoyQ3-5YfODQhc8jhtCaLhjzYoTuF79givg4JntohQMKzWn8lcn7GcD3nnuLiI1IhjzPwx_Q7oi9i7AFxbgz5esKpSawf5X64G-GYRaVRXiqCvqCbhen71NTJocXhBrdGObHCtcMej3ETOczv5-V_Z86ghlgh_Z1l8sdNwRX2IafA
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCmyyvpHKH7J4unA7ZgD34ldY2xzGrK2Zo520kumvZ%2BUPdGwFvw0kJ8hECs5KORX2%2F4zfcHzZF%2FDWixmaBiim9vPg%2BMI9BPyge9Y8i1K%2BPthP%2BGe4yZlfPhB%2FXabeTrCTfvZvD2IxHJqqw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84f11f7bf91a9176-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame EFE2
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbyqN3wBc1t6GDVleKmKmgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1

43 B
775 B

24ms
23ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQY_MqegAIwAQ&v=APEucNXBUeJoyQ3-5YfODQhc8jhtCaLhjzYoTuF79givg4JntohQMKzWn8lcn7GcD3nnuLiI1IhjzPwx_Q7oi9i7AFxbgz5esKpSawf5X64G-GYRaVRXiqCvqCbhen71NTJocXhBrdGObHCtcMej3ETOczv5-V_Z86ghlgh_Z1l8sdNwRX2IafA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvavC8PGE3SgJeotrKQ5KWgPsBTAoWZWo3R0%2B4jGyzWY%2BMZYBNw8mXMbhU19IuDke%2FARYqw%2B%2BDyFr4fFxk9yeueZaStV1KLdXQ%2BodJhcstOIEl44CRFYGi%2BdERudoSzpd2ASVD%2BwQDcdRg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84f11f7c8e40049b-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJiLZBSAKRRiKs0DaLKfPwc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame EFE2
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGncb61vSrlAFxg6VSEPjiY&google_cver=1

43 B
1 KB

16ms
12ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGncb61vSrlAFxg6VSEPjiY&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQt92T3QQY_MqegAIwAQ&v=APEucNXBUeJoyQ3-5YfODQhc8jhtCaLhjzYoTuF79givg4JntohQMKzWn8lcn7GcD3nnuLiI1IhjzPwx_Q7oi9i7AFxbgz5esKpSawf5X64G-GYRaVRXiqCvqCbhen71NTJocXhBrdGObHCtcMej3ETOczv5-V_Z86ghlgh_Z1l8sdNwRX2IafA

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
an-x-request-uuid: 7f637c8a-b652-494a-a6ab-cf5ba98ba3ce
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.44; 81.95.5.44; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGncb61vSrlAFxg6VSEPjiY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame EFE2
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2MjU2MzMzNjk1Mzc5MjYzMw%3D%3D

170 B
243 B

23ms
18ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2MjU2MzMzNjk1Mzc5MjYzMw%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
an-x-request-uuid: b16327c2-c4e4-450d-a4f2-d87a2e69eae0
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODA2MjU2MzMzNjk1Mzc5MjYzMw%3D%3D
x-proxy-origin: 81.95.5.44; 81.95.5.44; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 7EF5 12 KB
5 KB 38ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 223498
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L%2BrWGXlBwuCfI5e9QVUsAPZt4GN369iz%2Fg29S6kmHv34ZH%2FRqNfFwwnnSYMin7lkLLaTija7Sj%2Fd7X%2FmVlr6FdoJDYxWOM1O3cfzHFKVIKodQrr3YMq6yKZ17NnaO7KxMJJXt00drgyEL3yHAPFNrXtT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 84f11f7bd8988fc8-FRA
expires: Wed, 22 Jan 2025 08:39:19 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7EF5 12 KB
6 KB 20ms
20ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 08:39:19 GMT

GET
H2 200 f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff
static.criteo.net/design/dt/ Frame 7EF5 57 KB
57 KB 51ms
22ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/f9d5f193fe704d30bc6e97384f41c8fe_relative-bold-pro.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fd8826f91fb323bf7b87cfd12679567bc1764700503b8cbebca918006642f2ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 20 Apr 2023 14:26:14 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"64414b86-e41c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 08:39:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 16 KB
16 KB 65ms
33ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=2861&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F230524%2F75c497a24a854605a5134bf876794a02_logo_n_horizontal_9.png&v=3&w=420&rid=4&s=4F_VOwCyX9PMda6SRkjMhR9K

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

05e6b3f7f19592b7d534d6a279441968d4a3c3936158bfe6fabf2c6e83a1b482

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16141
expires: Mon, 06 Jan 2025 03:50:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 14 KB
14 KB 61ms
29ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoATEC-Pharmatechnik-GmbH-303589DE-2301031553.gif%3Feb%3D1&v=3&w=400&rid=4&s=4hMHiDeoGZGKdx0_S_bK47IN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c10dd93b243504178f88190062879206508d26bf637aae9244b394269dc620d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=86350
timing-allow-origin: *
content-length: 13949
expires: Fri, 02 Feb 2024 16:01:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 13 KB
13 KB 70ms
38ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoHEMERA-Klinik-GmbH-279961DE-2110181703.gif%3Feb%3D1&v=3&w=400&rid=4&s=aBXcf3unxXIlf9F2Y1r9vO1p&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f2baf8efb893748538eecb70f10f23fdadb8408b0609bd7451c45b6c1e36cd4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=86375
timing-allow-origin: *
content-length: 13276
expires: Fri, 02 Feb 2024 08:50:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 1 KB
1 KB 45ms
13ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=5QuUgeu-NNeIXx5Pm3vTp225&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bfbe88ff7cf1f6b7c145d30018e05b2154eec8b86d861fa185dea8bb88decb46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86398
timing-allow-origin: *
content-length: 1196
expires: Fri, 02 Feb 2024 17:09:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 1 KB
2 KB 44ms
13ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoFroneri-Ice-Cream-Deutschland-GmbH-138225DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=aGW5i7aJxONSM4cKljvDBD2z&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5b1fd0b474454744220b4442fc04b77cefda3c3f710f1435342104b376af8c8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86393
timing-allow-origin: *
content-length: 1452
expires: Fri, 02 Feb 2024 23:31:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 4 KB
4 KB 61ms
30ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoGLS-General-Logistics-Systems-Germany-GmbH-Co-OHG-55100DE-2110131221.gif%3Feb%3D1&v=3&w=400&rid=4&s=ulfwBJ4IY_Er66VP_TbKuWAb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

db938f3269290d61b94f7587fec4c59f78eb287abc25814048db7f3a4915a0bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=86330
timing-allow-origin: *
content-length: 4391
expires: Fri, 02 Feb 2024 23:19:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 6 KB
6 KB 35ms
30ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoAlterric-Deutschland-GmbH-267799DE-2303291528.gif%3Feb%3D1&v=3&w=400&rid=4&s=hEAWSxoW3C9ygHIpJ-e_tY3E&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3c5de2c62523733662f920172a718f1b897e63f4d4e134ab3cd61a748eb2a577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=86361
timing-allow-origin: *
content-length: 5757
expires: Sat, 03 Feb 2024 04:35:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 2 KB
3 KB 34ms
29ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FR%2FlogoREWE-Group-4036DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=Uqx5wt-TDzGrZbC1tn-zNEH2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0019cbaf2375e8f7670fb6d051b6e0916d4dda6f880b0defe27c0e9c726830a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=85483
timing-allow-origin: *
content-length: 2445
expires: Fri, 02 Feb 2024 15:29:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 3 KB
3 KB 36ms
31ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoFERCHAU-Automotive-GmbH-99445DE-2201280711.gif%3Feb%3D1&v=3&w=400&rid=4&s=AVHrt7lw5n3A9qbQ8-kgHRfT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2039c193b349c0e07b087aa646bc3649276328e7ca0d0f55d31e1f81ae707700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=86182
timing-allow-origin: *
content-length: 3333
expires: Fri, 02 Feb 2024 11:39:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7EF5 2 KB
2 KB 33ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FS%2FlogoSt-Marien-e-V-St-Marien-Krankenhaus-Berlin-170291DE.gif%3Feb%3D1&v=3&w=400&rid=4&s=y3lvIsd-YzV2gARdqlrE2iih&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

400962600289dfa6c481233b50fddbb2f6399b5d97af04a78dea1a8255954a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=86398
timing-allow-origin: *
content-length: 1984
expires: Fri, 02 Feb 2024 15:32:34 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7EF5 0
128 B 43ms
12ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=7SYrc5ahXooD2a1cFimMUv0PhjREMt2m1CtMuHzf0CrpLL1tESN98FxPHlfMnHEuI4pLcXOiDBP244BXRSPz0mq1FV8uf2NsY0MhfO2bDmzoU_Y0M85ljeSOQ9LKC2gCCTaSAfda0Cjcjqoe0-3GhxX_y0bTgwNFlEEIyrBsmnRWryUGn770pV5c7yNc3hQmqIk8bZpB0ATmhNfBScpNAyuqXA7otc3C7dSvrCDsAhZdmVSh6vcPp7s9sXeAuheyStq4aA&sds=2&rev=90469&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7EF5 2 KB
1 KB 20ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 08:39:19 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7EF5 2 KB
1 KB 18ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 27 Jan 2025 08:39:19 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B486 0
20 B 39ms
38ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2544093169186&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B486 0
20 B 40ms
38ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2544093169186&version=m202401290101&ct=77&x=1&cor=13155442469385826000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B486 33 KB
19 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABGFkSFVYUL1sZi2Ipr29ohkkLhoINYFiMS-L0iot2OYgkdmE3XgHurDNBDYHSf32LObERE7Mty2GvyMUXGpOyRej3-LsYr4pETWUcXr3ZZEkZl4eXENG2aRLI-VwYKnOPeIZrnPnebPu4JmSr1Tw3sMrEeW0pB6JYLlH8ZZyCO7CbaDg&cry=1&dbm_d=AKAmf-DL5Bi020buGFTlmjrLLMpSRXhO4y0usdZm7mFcb-oRW14_FC7lyXyu_mNG4OFE4q-fXmJ-QKZSR_Haqe6fa6JYxATAT9FuUrDSQS_t5kw9T7VqVKF5glxdnYnQKukGf8Kd3XGInMlWKrTdnwqi79kbix9OO3FcCAmG6svlrkDKqPdqQcZEIBTATKLYAUR7J3caV_QSMUCgfvfmF17gew0btR5Z46HjkA-NtsAFwYdcFC9dxhny3SuboWif-nqtfy8Uq2eHwrBbmmCkPzXtF6oG7haq2GN9pO_fC2V7LKwd9U9RBdXsKLmY3Llf_Qv3jWvBpu6Ad8yW9LF2aLoWc_N8CoW5y3BU-wNfm_nUPebxhLt5b2RkXGKTGZCTYD3vRuXODvyPNi6l_pZkce5u2ReDcOkK28WJ96fhp0zZMWNrxOleeD9IY-v0Akw2pAtr6TsbDzt21jxvkHC883mIli766o9LgieDfbTa84GSDyRvOepEhjBKlnEYCoxxwPiWmo6FWo047NpZ-wX5jut--dCx5LX3ynoQFO4O1fWxbpReJ3qAGvEDa90uLSjmVVY1GdMdj_LfIVDszyGmVh-l8EKEhddq-OU9xuZmslzvftQjzgDWviiuVfEUru6mRpbQi9_EE4FjAytqCnIGqI0wYdpymW5ur_rPmU4nvflQQ8--V_jgi4OGgdisxN2N7hWUx9_itoeo6IMsI8oA2fSDN5cTcKbo-DCLtV1i-zhMBsefvXz10HbWarwlcx5kP51O8lpe3DWQa_CJj4Ik55G-hNJl-KQb1iE57sTATLZwqr2RKgnZM2p92jAGUuF0Iu4oV5-UcpvnJQ6fLIM66FWnu31q64Y_zzvAXiZCQndsmdYmwB0XlfQGG22OeOOGkN4uPcZAx-Nh8Uv3Lv88QHBe61k-HIljWn2CvDwip_BhsTmd2w3q2fNfR-VPPQX4MC3mUhmr-llRbsr0mPlBKqq9i6D-zn5sUeunIKOJBdjXxEodujtjD0Aj_RUGHht67i2SN27czx8zA4h2kUX4hpx-ZfqNC1b48fr2CgXDUTnjT6PO7uL1coR2yKYa713bE0o4m_54L4j6u-841cbddw1wyRq96Eez_lDE8HON3YXdB43nge73PaIWaE-O6oUIghguP-QSNGHNFfc8k5RkIdPU33M5VVPppj2HJ2s2v50VQTKjC9etAwhDz0g6OTqQ3ThebaFpd2ewuzm2pWu13L1LWifDzj_cA0RAWf017f4yzBZRzt3ebgJoM7CrVLQ26UGTK2VpY3mntQ7Qh_nUusfWuuqvEmQxW9AgUdpg9q5zxNZ3QZo43CYxqWJDgD2n6dyp1INhyn-DlZSUmLE8uioqqTN4vhssfOTu9KSyZcpftga0quKNO6WoteG97i-SEHmBO_CWP5AW7kATUxCXh8Hyx-41Dh8C0QPWKfRM99HlZMiMnB9EVeNPRdk9Fe4DWNIm3MJBhfZOu6N3hRv8UrALG0VemUnLT_F5xHZQADTyxvxDTVJYQ53JidSym5-hnJR2egOIvlT2HsDzz8UUTq4euAtQsAi9ZhOQqu14r-m7mf1cyOwbEIwtjFcpEZ5W5x5fyw2TTQXfoCzvUrK2rR9CjApDL5hkFOhTG3eA-f9i0Ye6nfAYsJhAQEuB_GxRcFHeujlYmWHLNrPWwpEDKyxwmAQULjukQySCwzrXggKGxzv84oMDSNclqls2P_klTe2P6YWgFteMwsbwbKiypYTxbMH7GMQqlvJNu8S5cjH-iX-Q1ICuUUIRXrrUlGTwPihWuACJbKSrcIIQyO60BmlLJKDapyAEL43j7c1g1VqDy473ok7K-J-s5p-3JiLy55J1EJifV_edN_0nDULOQstDZJxSWdyWjLqKoxSiBUFliaA7CCYimEpY7kCBANhfJ1kEhH7_Dra_0tv6pe27YIxnUwNYceBV8dlEAT2PdiWZ7R8FMZ4wRkfKZwwu_0Buug6S90Dx3gThp9M8VIxNS4fnfaNHwd62ZC3m8mRnDLp4GgRX4TNbUZBKmEYE_NChUAd9xi6mwBq7MitpL9vxynmF1vclsz-SiXARfCc349UYYO5KxeotIDeeKXQJRLJJ-tD78V5VQsU5nkCA1M9xugQrpcNcn07cxpSS_UZW5Qdn7X5yOzcEdOQdHVJBFO2pLPF8Ii4F5pZ9Mdp8VPJOWeCfDGVxLwUL212BFw6fwFyUpNmVgWRXs6AGLj0NVB_5Wj2Y69b51Od5Z0JuE2UstwdY9PfTlISEkSXD4W6OWYpjbj93ZMslVVYZJu6aj67zlyaZ0-cy3kM6uLxBjukDpZMJSPr0sjk2-QZugy0qFGMe1K6d5exM0Htiw0KA5-MJq3jdfGwLj36YtctugfDaCJzdTbVzP0pC9xqzXtb2MeVO8tHtAoLgVagKpSFGjhWG8u0MjNO5e8Fl4uDPJHkg43cC9tvf6uMEXwEv4mdhrrBZ-Ap_xPcaVxjhFx8MlPsF6jDwyT8ZQo1DBPnk65N3wUbDGr7Q2j89xxQW8jTJ_nCHrYslMRfUYCpcGSEvSRXNCCaFRtvVPOXIKAIXwk-PamZZg3YOUe9uhAW4IPKb_K_lk6XixLFVZY_xZzVWJiDsStrRjxw8j2nof06-0WA30iGUKxthq84XoSlIUWGlJEXfGLloxq9AEmBuAdnE0pPgQoXbNxww3sjwhWJu0aJaI0xsGhQjgQfZLJVVjheW9IINQs9HR39cg2hQKwhMOMpEds8fIY2qrqPUZOmIEu08UTbQsxvK88hnTb-Sk62rUkpTJf2Fmhb3jEwz4wZtbvo7mK0tnI54YDhO_1qCFClPl3HgVtHSvmUkxFpAnmQT-Md8FXFm-7RcpDe8mZbaaVShCnckqDaTPLLMlsOCOy1aKaVWwXUakGlz8r-zTzY4Y_oKdBb5w85qOlcv4Px6urIirclmCi_9aVV7mjRrB9-mzMInY1GTLQOuRr_zW_iaJngt3eR46hqhEjyG3WmFt3yg9RY-Sak2xEFw8MTG-DVDJpX8MVybjx8s3Q2156EmdxQ-XExkjjmW4KQFZRvMZRU_oDnkAqGJpjiE8puTJHCtg-3ZWZxEMmsn1huPKkUMPkxhQ45YwkEWbnJldG5kOEdqs65RhLY8vkYStQM3diymjZYm4smGUDmVSt9jWsttJarV0WB3G5dfy8LLGU9NfnxaK5F5TzqD5LvJvJTNfaoWpv2-BqVcDp_czi9aNBtx2PeJBeal1n2YGtER-vYnPmiqonoOXb5wSqmFgO10rrij1AHadBUZoe5xT6AG5E8g6sqOhWQNTf-zY-RjCxjZCp67rpCa0Y7NEtN5pmCpsUYMF8EiN32a4MnGkvtOZv20SvIPBjn_CWUDPCyWdXH3XHBnAS-YND6gU7OqtMLfoa2Ix28IJiK-MxUaixOP514FdAhz0E4709wab4Gu1QdrAk275rYL-hGzxKxR6EesDAkYQkNf7SY2xK4ZAFiCFSuyQ75bfWhk7NEbwyFomVGxXi2HzMbzef3HKRex9bgmpWm6vKph_aogHOK4qOuVun-q5uOzUE1oXr8O7reYZKb2r4llaGe0R2aZamE86WRFikOacpiqXqjQifaw_1rf04T-M-WCtie-uGwTUkdAj076TSjWK_R4zzeiqy0sgaKnw5Rti6OcTIecVvbtUuK6cjayutFV3fr3y8mif1vgPkfZVNJnFC_8FC1dgDPk8ewAv42tXIOaUYEM-tgzCLMNfLFvbjALdL7zPsNLMXL8sq6la04BpT55Sscqo43D8ALhf-9jUS85XDlt3xF-VqWw1WowJehqX_2e_6dZ84k&cid=CAQSTwAvHhf_SWdnDplddIk6TgtM6fkaUiBIbOvEK86PHMkIyf8AuXbPSB-s94AcLmkcW28ZRuXHAjwpAx2t9d4fYE_C9J5gVhasmm_UN4WYAcQYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fleekangw.github.io%2F&ds=l&xdt=1&iif=1&cor=13155442469385826000&adk=497053792&idt=56&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fb66b4c575f4c1982a17a9245b686cf88dbe622a0a5d825003f7c3323526a66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19503
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B8B0 41 KB
14 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AUssZHhn0EPtSeZQMj1A2HJctm8hz7iR5d7MY_N1IAyL5okDmYVQ5V4aA-qeQHVaeyeBkGGDW7iG7xry8NarhLu5bJYRTz41z2Gl-Xy5Q9KsnM8zRu9TaUSU2eCveqgGcOYBf5DvY4pR2U-tey9tBai6P7ED0znCkFG_Mp71NCnd_Y0Xc&cry=1&dbm_d=AKAmf-DVT0_IN4Txg5-HC4mZwPi_hCoemZV5BlXzt-NPNJDnpRq6Nwyei9bBa9Wabqwai9I5ERoe3wyjBV2MfUqkmlT_uJNADN5NyFTBJRA4p91Kxldrs5xegSSqH97ePAAIwDjoVvcss_XudHYZZVK9iEoclu0gJDbXYgf4LWMc4EqA6jHfu9OFWer-qxta-ufqMxHPudCqNuqHw1bjw-vqZm2C93GeTsEq0uGAzGPA328B2K7Lf3hks0OFE2UYik2IfN0asXysAAEJePl9Ul26P2MmDRNQbFwnYhkCrThb7a0rOQYZMUexQMzrNFtfDSgOsG2MDpBNBwz3-aRawevI5RrfqjKKxGxMWEWx7ed4dkJ7rYC9Qu-e6klSStvaN0sV3sDnQry2A_gtFzuPTxe240RmwMdJSyv1FKZyaEHB1ERDe1b6Vd3T2DUiMH_OcfRdW-VgroEG3O4dF6CjeJLxj_svw_4r7gYmS4OrTVVwaArJleaO2WBH2A-3pAXLKa0y-zzPD1skDBY_mNcmVsBKfOeeC6pLbc9IyyzH5Z1rC_TWuanICh60Ux-EX7DP7Dh-IBMSnacpt4M6n2Gr8991aVca5jmu33NXDHa1-lUZ1hP6feew1ro-ws7fbuG9b6k99hoekZSuacXbr4PkoDJOJo-K-X4oM2CgFVNavxVvQ7vnEKAvswaVPXZWk62lZy1-JWGBfzjWP_hlnBd-mZIETXQknFTKFkBwnyyzR41LLrLBFu9qsoy0XsKzgMzybNlW5mMosvwsTRWw16U7zpQEZuzSXm9_eyzCE5fCPPnik0HrDzR1SV8Drq7ek81b-Ex0tcRdW2xTx82ux547WZxgoiJ5lWADWKLkFJKsanODsa1G-QxzuQfZudJgjcbMB6wSppUbI0w8EG7yZtSnsxFBo46GczP7Qf7vTnHiSDNg2dlbWa_71pq1CAWHx6dxsZua0qH6-ZgXplQj2C7BqEMHwBr6Jw4g3LCjY02saAQDVkpkR1slXBeyxPvAGbyY6KfynUUJc7Ol5HiX-IZwjKGYrkAtV6suiJ8nMIoCT5ACvzTzfPhUk23md9rmtaWsXMxlFO_x0luF0Od7fRPZQaxLUpbAsm42kFbJH071P3tIaXFjgzOx2tBVdEOfhT8kVASEN3kWzwfwCPdIYDBoo4vpZnh4Zko94dcXC_BuVvp35eE29Bn_Q8kJDNM41ZUUq491RbruHGN-PcffPcp079WYW2Ss4G-NLXezL_sDifs46f6JJfaaXTXK5MCMPhswFWKFXnb_IMOXrZpg-KYtvzKaODqh1sUr40eo7XY3dt6mHAKQlDXNUuEny96ZFeZ7Ik_VpBTAU1s8Cef_HF07RD-BvrgZe6d9mn-y8OQ7jFe5ZeA3oxgF_27Zsp798wdqR4Q4TA6rX9rAoz_Tf0mH80nTjlQjPxz9TnJ7Ode5oyMN19rm9tEpLn06UKaiRW0xqbbTBqnVtF_sRDksqs_6WcyfJtQl9R7fDx558b8sg61Y7jn4IabrRxrDwuut0kl05anuUmxJaGDBa8DfXyxWWCD9pv0DBYCJxzOu-v4uAtTjPNqbZY7KzEuTmT3MoOjJHoZVoRD1irJGPXQY4qe1L857JqZH8cGtNGmW_v4ZiCUfJjueMA5fWsNpfZIaV-Aa2ByJ1Sqpri_9IGBQdBrD9oTlP654cVGn9NF2B-4stY0i3cU20KCfmEv00qo0BUO2mgJ2XgmYS70PJGRes8eZiT1HMDTNzMfhWS47TnALGYpTXDCLOV_xUjfi9XA7RlfX4xsq1GjeFxycZkUzKTn9y-b-8yEWDWH3aVq5CQFgBURvIg_qOVQ_MT3u0Htm6mTPczbHEdz0lspQqqvWMvqMNyQclSh7Wka_DaXd_Pw_ZlrDikk-4fAYpu237iJe2Yrv1M2oJo9-CdNA4lSrSGIAGnzCY3H9Ga209IeS6T9d5hH6LGwCmeqbhtu2NWRJqlYtCUFeLkv72yP8ePUjRnFyiJI7CAwHWmrYy3A9YNOUhUl4LIql91vKYtyGrWDV4COrnxSPDK3ncogB1UuCsuABGcSNYnBV8VrSkMiiGQ6VN27_SOcJL2eBr_72boMtNxv_Gum30TJqaolAJWLpOM_MIP2N6la3fkpjjz5wH17WDP6Lw9bYcmel7bTc8r_M5lxe7gSRgigLtnQmmDAhY0NsLrCnyvZSYaJ_S-zSEXW1HzyQpo0AWqZ8Z3GM1e_O8DOhB57G5XFKf8XA7Sp_8EtZBavtXZNQQ-SK-zxVKgVv0KZnwJyfJdtGD_2p_He2kh9XO9xEVCTXrJXXc48FtwPA2PHn6L-q71ZdcHSy21rt7GllNaqRsZpdlu7eWlPk2Ch5aA9F6erUwA4JM6eFZHbucA0GWcfOSiSg2p6Zj3taGcTBqiDRptq2URi5DCPq2lNk6VEjCpZD_ZkehYIpaqw7QkrStUKHhEmOmrwLR8iXqpKBOk1VRYjnMtAuB0_xXXvYSYWC39jmRtUaY-aAtdd6QkUHzl2VPU952pn6PTlJomkdY08fvqvvdjSXQEKBfeTba5Gjgg-aZ-P9SRRQocE7eXSwKNj94fjafmtnI2OsT-bdkgUBajd1CDTD6pqiBGrRUTWDvnhg4JBkkE2vIHf9NQk5JTuwYvbzKmNHLzicSK_Nhgdd8vLFd2EJEHtZ4wqoUo6Z8EWgN9cszzQGqkgwfpyAtVITmQ-hKsE9HTNmcw4AwXvHPy5fvIlj-q4NUp7dOIRBPlIUSrGMv8wgD38Euim7H_rJT3Jf2NZ9xetB38aGnP2-0RwcpKhhZAb5h_KJ3UpT96vPby9-_10SgXSpI1EizXxf5thFod4wE4MYhtLg7Ug_Jx-O9fI1ZOiNuCxyNyDxiNhYdfnnoFwCykJikg9ovtF_gUXuV_iwgPeNrFvvLYf2MHpDTiPGfqt23e1Dmdr5jOrwiFKpQjRHFYVUJP0xCm4MP8XoqU9mypkula-9bVa_9iD2lHB1uTkKYl8wcmjureQgQxn7rAXrZYZuOFq5yaAaA_rskDcnKUWl4d47VI2PjTOht44nMjXEOQmU1FD4E_-OZJ0wZcF2DH_m90lfYKZMthsBq2nkigNIVcmyblgcMJ2hEI1X3dDPY9ebGtfFcRI5uULmUbIwtGcYbea6pdbUvIGKplvpRD7zjSe3ztZMZ3XDzd3aSeARuAegyliM2poEyzCkc_eWkHbIIZEZJaeH5weU5z7Y01NANSUri1cgIIO7L6Tz7dGWHFmb0kScya7eruiHqtm_exDFBgPsss3CkiiGt28cBiuqcIlL4Vc5MsW8Isnd5mWu9i1aPoyRYLmXSleX_p54yKkfxojck7xTGPgF3A4iSmrcarMBFouBKD15F2rMGzL7lkNh6vXfCN-P1t4xnCwMHf-SWM3JKv8-Jvsc3TsZtwArIqYi1pH5as3GAoEqfpo-0G-1H28bBVs6LEraCxxR2_6bmBJGdN1lxOmkzyKuCGPfPLw7054gfeRaeVFg7-VhVcRiP_Ss_nOLY8RPj4Itf7ktmE5V8uxwoqzmrtzPDHemXSDDN2oS0I6u82KuM-SH8FGpOElNWinHO8U8Vb_2ayb24gL6nBs0gMost5q0GYZm5BSUs15BbwBvqhasWzJyw2eCNhej3exkSvhPfKPvA-dVCaOJJNR3YEc327mLq8LC1jxMeixQFwqNo1Wio4u18vJUQ9GMXDt7FWOwDmaZ0irTEnNYm-r4vCuLPhrl88vuelIVX9-WmvcaTQX7MwK2VXim345l7hwYpzdN809a8oSdenWwK0i-FXKgVWiFenTUSqRVm87IDzCd41llAG5aFYlyT094QSM9fpkEPA_RFdODPNCfjkjjCZ26txzgcuW8ybpBmhZSpc5Pw8qbxCAeeet_P8ThnwQLrkQd&cid=CAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fleekangw.github.io%2F&ds=l&xdt=1&iif=1&cor=7981786362068439000&adk=1761367584&idt=58&cac=0&dtd=10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjg2MzE1OTYzNjU3NQogIHNlcnZlcl9pcDogMTM1Mzg4MDEwCiAgcHJvY2Vzc19pZDogMjI5OTQ1NzEwMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame B8B0 0
867 B 93ms
42ms Image
image/png 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjg2MzE1OTYzNjU3NQogIHNlcnZlcl9pcDogMTM1Mzg4MDEwCiAgcHJvY2Vzc19pZDogMjI5OTQ1NzEwMwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxNzg5NTY5NTkyMzM2Mzk3OTg4NQpkZWJ1Z19rZXk6IDE2OTE3NzgwMzEzNDUyMDA5OTYKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTAyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzQ4NDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIwODYzOAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xa0aedf43682e75900000000000000000","13":"0x1a01286f6c8a0ca0000000000000000","14":"0xea008714569536ee0000000000000000","15":"0x9e293720a373cea90000000000000000"},"debug_key":"1691778031345200996","debug_reporting":true,"destination":"https://redintelligence.net","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["11868943"]},"priority":"0","source_event_id":"17895695923363979885"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK g72h7lz2c4az Show response
hal9000.redintelligence.net/zone/ Frame B8B0 11 KB
4 KB 47ms
8ms Script
text/html 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/g72h7lz2c4az?subid=&gdpr=&gdpr_consent=&rnd=1706863159115216&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3vTN6q8ZZCEB7Gs2OMP2PGtsAim5b2gaYWVnKfJD_AuEAEgrZWljgFgleL1gZQHyAEJqQI9mh0vtj2yPqgDAcgDmwSqBJACT9B1uvcvtYcisByHHEkaWvS8KGonj-MpP5bdgaa5pL8TUMwuX9uJm462Jn_Q8IG6XViPRW_0oW5qDmQFM2N8u2cnh7djFA5QUZ0hSBIzYZL5axHHbJZDWDx6otDVIx4erQkxgK2swwYF3LYVwXtmLWL_5z_6vx96Uwv4JR-RffD8vtLS6FGJcEG8egXeCr-lJLn0OpHqruA16XaOcnxLqku5gBwm4VKnToCwwMCQhUQJ_i5juntn1OMiIQDh2HJ8QlmQ_FfT7W9jdI2yboN7CSlbWJz7210WxFtYA_92HkIgisnHMvLHgibniadH-TUU03EljGPzJ2dgj1i7w9MixwjNyYnsadl0nh8QM5yPsSLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJQiA4YAQEAEYHzICqgI6CIBAgICEgIAESL39wTpYkqaZ4qCMhAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ%26sig%3DAOD64_0z-qQSYDrq_77tkaUXP1UirofYTw%26client%3Dca-pub-4612162185209713%26dbm_c%3DAKAmf-AWXOQ38TJeIGnUPPInn1Pl-7RSl2M-Se01O-4bVK8iHD5EFgTk-EQc9Qa4sQtpYLjWykSSVsMh_yz7Nchc4FWg1V4dlDziU1bgR0e1x4GmQx5fJELu9UGa7zxUT1X0Sq8MqohsZNBEaBQ7h8XIdKuaakNqtGL4iiVRSrm9VSfrJd-ZaDQ%26cry%3D1%26dbm_d%3DAKAmf-AOWv6YlVCEIQCANn5Ty4DdvxEm5n9U10GLM8w-6pk5SuGvMmFjqIIvLewtW82RH9eG3_Y3qPMIndxze2QEBhnoz9Vzy_XMYYQP1NgH7NbtI_Spt4p-naqLL3jgYYdAuSF3m2G6FG__MVns-Iu_Ws7NfQYVEgh44NaKlZzkLj5nWzR_Tm859-RPjq1gv55pH6DxeYH22RGFdmth8rOrBnlgdtnur16PhOgeJ_CJPQd6LmiAS6xn81s7fVihJrLOtM5wfXqv6nuLICMuhYEY4t5o_lUHph4nOcTR8HdK8lLGSzHsFy_U1bGaACPGka562_Bhw600nHgXXatluoM9QtjuixwrH0NQNtHr4CPxYlpbHosA5nlqU0P0Lremo0ZhwLxvm9OpIEWXJgDAEKqkmkyChggVtdpF2DJx9r3B8PDQp5sZ3X0jOUtn6zcObXF-MUbHF7XWq7UDGYYptD3We-ZAXgu1jF0jHB6TkU7njs9F7HsJP3mqldHbGFygZPbEQlapkirhlIvv-frQ7LjCoVGVUD4smRN9TfsppP8EnLI25eBnN3adRKJ3EPKzumcp3vp4-4Pm%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=3694931959&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158816&bpp=5&bdt=150&idt=202&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600%2C858x140&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=207
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: a699e604953dd2364d7abdc86b2adfab434fdca98a7d7ae835eeb816ca3de7c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 08:39:19 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4215
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DFA5 0
19 B 48ms
48ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmrOyN6q8ZfjiAf201fAPlbyU4AfJntKxXPXqoYaIAcCNtwEQASAAYJXi9YGUB4IBF2NhLXB1Yi00NjEyMTYyMTg1MjA5NzEzyAEJqQI9mh0vtj2yPqgDAcgDAqoE4gFP0HZq3arw_MaJeYcozaXeeYxqVXErZUoXXQHY9RalPFgx_-x_SYvBqEwoSud4SeXPxVR7OEABDCJTwhVFWhSHdRO6IMHnBahUhOLYJHqaqCA9VJHmuhxCUHeBfh76eonmFw5eu7h8kpLWsMostAK4p-mIxckRGBYMGKD-7HM82sLEXA-fKy9XShnATcJXam1JR-KA1lpg7NgeuRqau8Gk3ALkwyj9ivRfoFVcY1Ql_OznDLYiVdTOkzVznZHLHCGWWT-6rp8MkRmeR1dcxBFKIytq_-wlzivoULTyQN5bXJY0gAa3zazTroKSq-8BoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIIwiA4YAQEAEyAqoCOgiAQICAhICABEi9_cE6WNP8l-KgjIQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTQ2MTIxNjIxODUyMDk3MTMYAA&sigh=aFphpu_bcEA&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_Ay3bbWBLm8oLP80Fvsvi5N6PrcEKTOTsdI6SlXuCao4mS2iL5MDn21DCIcBCBs9v_Jn_JvTtqvKcleG6Lknc9tj2b2HBKSbxeAUYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=600&slotname=3225019129&adk=4081495040&adf=1200720800&pi=t.ma~as.3225019129&w=212&fwrn=4&fwrnh=100&lmt=1698915193&rafmt=1&format=212x600&url=https%3A%2F%2Fleekangw.github.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158802&bpp=7&bdt=135&idt=193&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=24&ady=619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 02 Feb 2024 08:39:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame DFA5 0
126 B 50ms
17ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kpXPF8z6RNQB2ASdg2ICAgAAABaapcMWk8jffP7vyxA2qrxlHbOGBQoHqwauQAAAEgAACgpBUVVCRHdFQkR3&wp=ZbyqNwAAcXgIFVp9AAUeFUHYRr7OB2suB08j4Q&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:18 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 157456
server: Kestrel
content-length: 0

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/ Frame B486 31 KB
12 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240131/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ABGFkSFVYUL1sZi2Ipr29ohkkLhoINYFiMS-L0iot2OYgkdmE3XgHurDNBDYHSf32LObERE7Mty2GvyMUXGpOyRej3-LsYr4pETWUcXr3ZZEkZl4eXENG2aRLI-VwYKnOPeIZrnPnebPu4JmSr1Tw3sMrEeW0pB6JYLlH8ZZyCO7CbaDg&cry=1&dbm_d=AKAmf-DL5Bi020buGFTlmjrLLMpSRXhO4y0usdZm7mFcb-oRW14_FC7lyXyu_mNG4OFE4q-fXmJ-QKZSR_Haqe6fa6JYxATAT9FuUrDSQS_t5kw9T7VqVKF5glxdnYnQKukGf8Kd3XGInMlWKrTdnwqi79kbix9OO3FcCAmG6svlrkDKqPdqQcZEIBTATKLYAUR7J3caV_QSMUCgfvfmF17gew0btR5Z46HjkA-NtsAFwYdcFC9dxhny3SuboWif-nqtfy8Uq2eHwrBbmmCkPzXtF6oG7haq2GN9pO_fC2V7LKwd9U9RBdXsKLmY3Llf_Qv3jWvBpu6Ad8yW9LF2aLoWc_N8CoW5y3BU-wNfm_nUPebxhLt5b2RkXGKTGZCTYD3vRuXODvyPNi6l_pZkce5u2ReDcOkK28WJ96fhp0zZMWNrxOleeD9IY-v0Akw2pAtr6TsbDzt21jxvkHC883mIli766o9LgieDfbTa84GSDyRvOepEhjBKlnEYCoxxwPiWmo6FWo047NpZ-wX5jut--dCx5LX3ynoQFO4O1fWxbpReJ3qAGvEDa90uLSjmVVY1GdMdj_LfIVDszyGmVh-l8EKEhddq-OU9xuZmslzvftQjzgDWviiuVfEUru6mRpbQi9_EE4FjAytqCnIGqI0wYdpymW5ur_rPmU4nvflQQ8--V_jgi4OGgdisxN2N7hWUx9_itoeo6IMsI8oA2fSDN5cTcKbo-DCLtV1i-zhMBsefvXz10HbWarwlcx5kP51O8lpe3DWQa_CJj4Ik55G-hNJl-KQb1iE57sTATLZwqr2RKgnZM2p92jAGUuF0Iu4oV5-UcpvnJQ6fLIM66FWnu31q64Y_zzvAXiZCQndsmdYmwB0XlfQGG22OeOOGkN4uPcZAx-Nh8Uv3Lv88QHBe61k-HIljWn2CvDwip_BhsTmd2w3q2fNfR-VPPQX4MC3mUhmr-llRbsr0mPlBKqq9i6D-zn5sUeunIKOJBdjXxEodujtjD0Aj_RUGHht67i2SN27czx8zA4h2kUX4hpx-ZfqNC1b48fr2CgXDUTnjT6PO7uL1coR2yKYa713bE0o4m_54L4j6u-841cbddw1wyRq96Eez_lDE8HON3YXdB43nge73PaIWaE-O6oUIghguP-QSNGHNFfc8k5RkIdPU33M5VVPppj2HJ2s2v50VQTKjC9etAwhDz0g6OTqQ3ThebaFpd2ewuzm2pWu13L1LWifDzj_cA0RAWf017f4yzBZRzt3ebgJoM7CrVLQ26UGTK2VpY3mntQ7Qh_nUusfWuuqvEmQxW9AgUdpg9q5zxNZ3QZo43CYxqWJDgD2n6dyp1INhyn-DlZSUmLE8uioqqTN4vhssfOTu9KSyZcpftga0quKNO6WoteG97i-SEHmBO_CWP5AW7kATUxCXh8Hyx-41Dh8C0QPWKfRM99HlZMiMnB9EVeNPRdk9Fe4DWNIm3MJBhfZOu6N3hRv8UrALG0VemUnLT_F5xHZQADTyxvxDTVJYQ53JidSym5-hnJR2egOIvlT2HsDzz8UUTq4euAtQsAi9ZhOQqu14r-m7mf1cyOwbEIwtjFcpEZ5W5x5fyw2TTQXfoCzvUrK2rR9CjApDL5hkFOhTG3eA-f9i0Ye6nfAYsJhAQEuB_GxRcFHeujlYmWHLNrPWwpEDKyxwmAQULjukQySCwzrXggKGxzv84oMDSNclqls2P_klTe2P6YWgFteMwsbwbKiypYTxbMH7GMQqlvJNu8S5cjH-iX-Q1ICuUUIRXrrUlGTwPihWuACJbKSrcIIQyO60BmlLJKDapyAEL43j7c1g1VqDy473ok7K-J-s5p-3JiLy55J1EJifV_edN_0nDULOQstDZJxSWdyWjLqKoxSiBUFliaA7CCYimEpY7kCBANhfJ1kEhH7_Dra_0tv6pe27YIxnUwNYceBV8dlEAT2PdiWZ7R8FMZ4wRkfKZwwu_0Buug6S90Dx3gThp9M8VIxNS4fnfaNHwd62ZC3m8mRnDLp4GgRX4TNbUZBKmEYE_NChUAd9xi6mwBq7MitpL9vxynmF1vclsz-SiXARfCc349UYYO5KxeotIDeeKXQJRLJJ-tD78V5VQsU5nkCA1M9xugQrpcNcn07cxpSS_UZW5Qdn7X5yOzcEdOQdHVJBFO2pLPF8Ii4F5pZ9Mdp8VPJOWeCfDGVxLwUL212BFw6fwFyUpNmVgWRXs6AGLj0NVB_5Wj2Y69b51Od5Z0JuE2UstwdY9PfTlISEkSXD4W6OWYpjbj93ZMslVVYZJu6aj67zlyaZ0-cy3kM6uLxBjukDpZMJSPr0sjk2-QZugy0qFGMe1K6d5exM0Htiw0KA5-MJq3jdfGwLj36YtctugfDaCJzdTbVzP0pC9xqzXtb2MeVO8tHtAoLgVagKpSFGjhWG8u0MjNO5e8Fl4uDPJHkg43cC9tvf6uMEXwEv4mdhrrBZ-Ap_xPcaVxjhFx8MlPsF6jDwyT8ZQo1DBPnk65N3wUbDGr7Q2j89xxQW8jTJ_nCHrYslMRfUYCpcGSEvSRXNCCaFRtvVPOXIKAIXwk-PamZZg3YOUe9uhAW4IPKb_K_lk6XixLFVZY_xZzVWJiDsStrRjxw8j2nof06-0WA30iGUKxthq84XoSlIUWGlJEXfGLloxq9AEmBuAdnE0pPgQoXbNxww3sjwhWJu0aJaI0xsGhQjgQfZLJVVjheW9IINQs9HR39cg2hQKwhMOMpEds8fIY2qrqPUZOmIEu08UTbQsxvK88hnTb-Sk62rUkpTJf2Fmhb3jEwz4wZtbvo7mK0tnI54YDhO_1qCFClPl3HgVtHSvmUkxFpAnmQT-Md8FXFm-7RcpDe8mZbaaVShCnckqDaTPLLMlsOCOy1aKaVWwXUakGlz8r-zTzY4Y_oKdBb5w85qOlcv4Px6urIirclmCi_9aVV7mjRrB9-mzMInY1GTLQOuRr_zW_iaJngt3eR46hqhEjyG3WmFt3yg9RY-Sak2xEFw8MTG-DVDJpX8MVybjx8s3Q2156EmdxQ-XExkjjmW4KQFZRvMZRU_oDnkAqGJpjiE8puTJHCtg-3ZWZxEMmsn1huPKkUMPkxhQ45YwkEWbnJldG5kOEdqs65RhLY8vkYStQM3diymjZYm4smGUDmVSt9jWsttJarV0WB3G5dfy8LLGU9NfnxaK5F5TzqD5LvJvJTNfaoWpv2-BqVcDp_czi9aNBtx2PeJBeal1n2YGtER-vYnPmiqonoOXb5wSqmFgO10rrij1AHadBUZoe5xT6AG5E8g6sqOhWQNTf-zY-RjCxjZCp67rpCa0Y7NEtN5pmCpsUYMF8EiN32a4MnGkvtOZv20SvIPBjn_CWUDPCyWdXH3XHBnAS-YND6gU7OqtMLfoa2Ix28IJiK-MxUaixOP514FdAhz0E4709wab4Gu1QdrAk275rYL-hGzxKxR6EesDAkYQkNf7SY2xK4ZAFiCFSuyQ75bfWhk7NEbwyFomVGxXi2HzMbzef3HKRex9bgmpWm6vKph_aogHOK4qOuVun-q5uOzUE1oXr8O7reYZKb2r4llaGe0R2aZamE86WRFikOacpiqXqjQifaw_1rf04T-M-WCtie-uGwTUkdAj076TSjWK_R4zzeiqy0sgaKnw5Rti6OcTIecVvbtUuK6cjayutFV3fr3y8mif1vgPkfZVNJnFC_8FC1dgDPk8ewAv42tXIOaUYEM-tgzCLMNfLFvbjALdL7zPsNLMXL8sq6la04BpT55Sscqo43D8ALhf-9jUS85XDlt3xF-VqWw1WowJehqX_2e_6dZ84k&cid=CAQSTwAvHhf_SWdnDplddIk6TgtM6fkaUiBIbOvEK86PHMkIyf8AuXbPSB-s94AcLmkcW28ZRuXHAjwpAx2t9d4fYE_C9J5gVhasmm_UN4WYAcQYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fleekangw.github.io%2F&ds=l&xdt=1&iif=1&cor=13155442469385826000&adk=497053792&idt=56&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 20:11:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11928
x-xss-protection: 0
server: cafe
etag: 10551285868935850944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 15 Feb 2024 20:11:10 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B486 41 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Tue, 30 Jan 2024 19:07:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 221481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Jan 2025 19:07:58 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjg2MzE1OTY4NjI2MAogIHNlcnZlcl9pcDogMTI2MDYxNTgyCiAgcHJvY2Vzc19pZDogNzM4OTAwMjg4Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIK...
ad.doubleclick.net/ddm/activity/ Frame B486 0
499 B 43ms
42ms Image
image/png 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNjg2MzE1OTY4NjI2MAogIHNlcnZlcl9pcDogMTI2MDYxNTgyCiAgcHJvY2Vzc19pZDogNzM4OTAwMjg4Cn0KZmxvb2RsaWdodF9jb25maWdfaWQ6IDkyMTIyNTIKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2Fkb2JlLmNvbSIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiA0MDUwMjIyNDAxNTYwODUxNzY3CmRlYnVnX2tleTogMTY0MTcwMjQ2OTgwMzA0MDY1OTIKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTAyIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogOTIxMjI1MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDM4Mjg2MDA0MgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTI2OTEwMDIxNQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyMDIwMDM2ODEzNQogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDUzNzM3MjAyOAogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9hZG9iZS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9mbGFzaHRhbGtpbmcuY29tIgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:19 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0xac498705eddd6a720000000000000000","13":"0xffaf9ef72b1dfe610000000000000000","14":"0x3c2c629e5735cb390000000000000000","15":"0x5550cd01c9a6c0d50000000000000000"},"debug_key":"16417024698030406592","debug_reporting":true,"destination":"https://adobe.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"21":[],"8":["9212252"]},"priority":"0","source_event_id":"4050222401560851767"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B486 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37de06284be4ec8026554c6a9290c5f36810c69a8627560e4888e7ece777eed0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/8/224477;7879091;201;jsappend;DV360;DV360FY24StockBEHInMarketDEDSKBAN728x90/ Frame B486 3 KB
2 KB 63ms
27ms Script
text/javascript 104.64.122.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://servedby.flashtalking.com/imp/8/224477;7879091;201;jsappend;DV360;DV360FY24StockBEHInMarketDEDSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4612162185209713%26output%3Dhtml%26h%3D140%26slotname%3D9466993845%26adk%3D236759356%26adf%3D336455553%26pi%3Dt.ma~as.9466993845%26w%3D858%26lmt%3D1698915193%26rafmt%3D11%26format%3D858x140%26url%3Dhttps%253A%252F%252Fleekangw.github.io%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1706863158809%26bpp%3D5%26bdt%3D143%26idt%3D204%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C212x600%26nras%3D1%26correlator%3D4106480496177%26frm%3D20%26pv%3D1%26ga_vid%3D1863963592.1706863159%26ga_sid%3D1706863159%26ga_hid%3D838409285%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D338%26ady%3D472%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C44809004%252C31080826%252C95322180%252C95323007%26oid%3D2&us_privacy=${US_PRIVACY}&site_url=https://leekangw.github.io/&pub_id=1&sup_platform=1&cachebuster=955380.8320522277

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=336455553&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158809&bpp=5&bdt=143&idt=204&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.64.122.89 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-64-122-89.deploy.static.akamaitechnologies.com

Software

prod-xre-app5.frk11 /

Resource Hash

51ae59c971eca2205d71a2be11f639001985de4e384e3ed0f2f4691dde9f8e5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 08:39:19 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=86400
Server: prod-xre-app5.frk11
Vary: Accept-Encoding
Content-Type: text/javascript;charset=ISO-8859-1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1416
Expires: Fri, 02 Feb 2024 08:39:19 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 956A 38 KB
13 KB 8ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 221461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:08:18 GMT
expires: Wed, 29 Jan 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

request.php Show response
hal900017.redintelligence.net/ Frame B8B0
Redirect Chain

https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=be6138669f&subid=&uid=0849b6d46c3faf6c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=be6138669f&subid=&uid=0849b6d46c3faf6c&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...

4 KB
2 KB

137ms
123ms

Script
application/x-javascript

159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=be6138669f&subid=&uid=0849b6d46c3faf6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3vTN6q8ZZCEB7Gs2OMP2PGtsAim5b2gaYWVnKfJD_AuEAEgrZWljgFgleL1gZQHyAEJqQI9mh0vtj2yPqgDAcgDmwSqBJACT9B1uvcvtYcisByHHEkaWvS8KGonj-MpP5bdgaa5pL8TUMwuX9uJm462Jn_Q8IG6XViPRW_0oW5qDmQFM2N8u2cnh7djFA5QUZ0hSBIzYZL5axHHbJZDWDx6otDVIx4erQkxgK2swwYF3LYVwXtmLWL_5z_6vx96Uwv4JR-RffD8vtLS6FGJcEG8egXeCr-lJLn0OpHqruA16XaOcnxLqku5gBwm4VKnToCwwMCQhUQJ_i5juntn1OMiIQDh2HJ8QlmQ_FfT7W9jdI2yboN7CSlbWJz7210WxFtYA_92HkIgisnHMvLHgibniadH-TUU03EljGPzJ2dgj1i7w9MixwjNyYnsadl0nh8QM5yPsSLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJQiA4YAQEAEYHzICqgI6CIBAgICEgIAESL39wTpYkqaZ4qCMhAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ%26sig%3DAOD64_0z-qQSYDrq_77tkaUXP1UirofYTw%26client%3Dca-pub-4612162185209713%26dbm_c%3DAKAmf-AWXOQ38TJeIGnUPPInn1Pl-7RSl2M-Se01O-4bVK8iHD5EFgTk-EQc9Qa4sQtpYLjWykSSVsMh_yz7Nchc4FWg1V4dlDziU1bgR0e1x4GmQx5fJELu9UGa7zxUT1X0Sq8MqohsZNBEaBQ7h8XIdKuaakNqtGL4iiVRSrm9VSfrJd-ZaDQ%26cry%3D1%26dbm_d%3DAKAmf-AOWv6YlVCEIQCANn5Ty4DdvxEm5n9U10GLM8w-6pk5SuGvMmFjqIIvLewtW82RH9eG3_Y3qPMIndxze2QEBhnoz9Vzy_XMYYQP1NgH7NbtI_Spt4p-naqLL3jgYYdAuSF3m2G6FG__MVns-Iu_Ws7NfQYVEgh44NaKlZzkLj5nWzR_Tm859-RPjq1gv55pH6DxeYH22RGFdmth8rOrBnlgdtnur16PhOgeJ_CJPQd6LmiAS6xn81s7fVihJrLOtM5wfXqv6nuLICMuhYEY4t5o_lUHph4nOcTR8HdK8lLGSzHsFy_U1bGaACPGka562_Bhw600nHgXXatluoM9QtjuixwrH0NQNtHr4CPxYlpbHosA5nlqU0P0Lremo0ZhwLxvm9OpIEWXJgDAEKqkmkyChggVtdpF2DJx9r3B8PDQp5sZ3X0jOUtn6zcObXF-MUbHF7XWq7UDGYYptD3We-ZAXgu1jF0jHB6TkU7njs9F7HsJP3mqldHbGFygZPbEQlapkirhlIvv-frQ7LjCoVGVUD4smRN9TfsppP8EnLI25eBnN3adRKJ3EPKzumcp3vp4-4Pm%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4612162185209713%26output%3Dhtml%26h%3D140%26slotname%3D9466993845%26adk%3D236759356%26adf%3D3694931959%26pi%3Dt.ma~as.9466993845%26w%3D858%26lmt%3D1698915193%26rafmt%3D11%26format%3D858x140%26url%3Dhttps%253A%252F%252Fleekangw.github.io%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1706863158816%26bpp%3D5%26bdt%3D150%26idt%3D202%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C212x600%252C858x140%26nras%3D1%26correlator%3D4106480496177%26frm%3D20%26pv%3D1%26ga_vid%3D1863963592.1706863159%26ga_sid%3D1706863159%26ga_hid%3D838409285%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D338%26ady%3D1764%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C44809004%252C31080826%252C95322180%252C95323007%26oid%3D2%26pvsid%3D989059356523449%26tmod%3D1338357150%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D207&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fleekangw.github.io&random=3493803717467&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=3694931959&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158816&bpp=5&bdt=150&idt=202&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600%2C858x140&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=207
Protocol: HTTP/1.1
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: fb522bbacefba728b5775d1f47bbe7f1e8d9522e8e95d4972664952ea3286291

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 08:39:19 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 29308200044990004444550012588017
Connection: close
Content-Length: 1326
Expires: Fri, 02 Feb 2024 08:39:19 +0100

Redirect headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 08:39:19 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=be6138669f&subid=&uid=0849b6d46c3faf6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3vTN6q8ZZCEB7Gs2OMP2PGtsAim5b2gaYWVnKfJD_AuEAEgrZWljgFgleL1gZQHyAEJqQI9mh0vtj2yPqgDAcgDmwSqBJACT9B1uvcvtYcisByHHEkaWvS8KGonj-MpP5bdgaa5pL8TUMwuX9uJm462Jn_Q8IG6XViPRW_0oW5qDmQFM2N8u2cnh7djFA5QUZ0hSBIzYZL5axHHbJZDWDx6otDVIx4erQkxgK2swwYF3LYVwXtmLWL_5z_6vx96Uwv4JR-RffD8vtLS6FGJcEG8egXeCr-lJLn0OpHqruA16XaOcnxLqku5gBwm4VKnToCwwMCQhUQJ_i5juntn1OMiIQDh2HJ8QlmQ_FfT7W9jdI2yboN7CSlbWJz7210WxFtYA_92HkIgisnHMvLHgibniadH-TUU03EljGPzJ2dgj1i7w9MixwjNyYnsadl0nh8QM5yPsSLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJQiA4YAQEAEYHzICqgI6CIBAgICEgIAESL39wTpYkqaZ4qCMhAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ%26sig%3DAOD64_0z-qQSYDrq_77tkaUXP1UirofYTw%26client%3Dca-pub-4612162185209713%26dbm_c%3DAKAmf-AWXOQ38TJeIGnUPPInn1Pl-7RSl2M-Se01O-4bVK8iHD5EFgTk-EQc9Qa4sQtpYLjWykSSVsMh_yz7Nchc4FWg1V4dlDziU1bgR0e1x4GmQx5fJELu9UGa7zxUT1X0Sq8MqohsZNBEaBQ7h8XIdKuaakNqtGL4iiVRSrm9VSfrJd-ZaDQ%26cry%3D1%26dbm_d%3DAKAmf-AOWv6YlVCEIQCANn5Ty4DdvxEm5n9U10GLM8w-6pk5SuGvMmFjqIIvLewtW82RH9eG3_Y3qPMIndxze2QEBhnoz9Vzy_XMYYQP1NgH7NbtI_Spt4p-naqLL3jgYYdAuSF3m2G6FG__MVns-Iu_Ws7NfQYVEgh44NaKlZzkLj5nWzR_Tm859-RPjq1gv55pH6DxeYH22RGFdmth8rOrBnlgdtnur16PhOgeJ_CJPQd6LmiAS6xn81s7fVihJrLOtM5wfXqv6nuLICMuhYEY4t5o_lUHph4nOcTR8HdK8lLGSzHsFy_U1bGaACPGka562_Bhw600nHgXXatluoM9QtjuixwrH0NQNtHr4CPxYlpbHosA5nlqU0P0Lremo0ZhwLxvm9OpIEWXJgDAEKqkmkyChggVtdpF2DJx9r3B8PDQp5sZ3X0jOUtn6zcObXF-MUbHF7XWq7UDGYYptD3We-ZAXgu1jF0jHB6TkU7njs9F7HsJP3mqldHbGFygZPbEQlapkirhlIvv-frQ7LjCoVGVUD4smRN9TfsppP8EnLI25eBnN3adRKJ3EPKzumcp3vp4-4Pm%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4612162185209713%26output%3Dhtml%26h%3D140%26slotname%3D9466993845%26adk%3D236759356%26adf%3D3694931959%26pi%3Dt.ma~as.9466993845%26w%3D858%26lmt%3D1698915193%26rafmt%3D11%26format%3D858x140%26url%3Dhttps%253A%252F%252Fleekangw.github.io%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1706863158816%26bpp%3D5%26bdt%3D150%26idt%3D202%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C212x600%252C858x140%26nras%3D1%26correlator%3D4106480496177%26frm%3D20%26pv%3D1%26ga_vid%3D1863963592.1706863159%26ga_sid%3D1706863159%26ga_hid%3D838409285%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D338%26ady%3D1764%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C44809004%252C31080826%252C95322180%252C95323007%26oid%3D2%26pvsid%3D989059356523449%26tmod%3D1338357150%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D207&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fleekangw.github.io&random=3493803717467&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Fri, 02 Feb 2024 08:39:19 +0100

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 16E7 38 KB
13 KB 10ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 221461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 30 Jan 2024 19:08:18 GMT
expires: Wed, 29 Jan 2025 19:08:18 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 956A 39 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 11:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 11:14:22 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 16E7 39 KB
15 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 11:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77097
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 11:14:22 GMT

GET
H2 200 ftUtils.js Show response
ajs-assets.ftstatic.com/ Frame B486 86 KB
26 KB 79ms
7ms Script
application/javascript 18.66.192.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ajs-assets.ftstatic.com/ftUtils.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/8/224477;7879091;201;jsappend;DV360;DV360FY24StockBEHInMarketDEDSKBAN728x90/?ftOBA=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4612162185209713%26output%3Dhtml%26h%3D140%26slotname%3D9466993845%26adk%3D236759356%26adf%3D336455553%26pi%3Dt.ma~as.9466993845%26w%3D858%26lmt%3D1698915193%26rafmt%3D11%26format%3D858x140%26url%3Dhttps%253A%252F%252Fleekangw.github.io%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1706863158809%26bpp%3D5%26bdt%3D143%26idt%3D204%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C212x600%26nras%3D1%26correlator%3D4106480496177%26frm%3D20%26pv%3D1%26ga_vid%3D1863963592.1706863159%26ga_sid%3D1706863159%26ga_hid%3D838409285%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D338%26ady%3D472%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C44809004%252C31080826%252C95322180%252C95323007%26oid%3D2&us_privacy=${US_PRIVACY}&site_url=https://leekangw.github.io/&pub_id=1&sup_platform=1&cachebuster=955380.8320522277
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-112.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cbbabf32ca01dbb0beda9a574acb9602fc4728afff9b9eb5a51aa92b0a889981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 14:34:20 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 65100
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 26343
last-modified: Wed, 24 Jan 2024 14:32:35 GMT
server: AmazonS3
etag: W/"72851d1caa0fb39691fdc257bcee7227"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=86400
x-varnish: 206805508 177868529
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: SbwSYTz0eJFxktmstmG3Nu5CRpo5s7kR9d-jmAYQN67Zp9FnR0tmrw==

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 956A 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BGLBDN6q8ZZ_tJuq2x_APz9y7yAgAAAAAOAHgBAI&bg=!29il2JfNAAa8BdJLnAU7ADQBe5WfOOc4ySY62kTKxDiCXIIvMLSsKPTeVlfaUVZtYj50J6pX63Mq31mRevEOf4EOqGD_AgAAAIVSAAAAAmgBB5kDE8E5CwKyVSrS5-KkUlpChSpYvqeVPuSy0WWyiw5q0ChSuQ3G5D3Nr-jZ3373-Tr6IOXxo_V_ek4LWlfGtIviUoE2E86doU8kWet2w2nk3K2a8C4GXcJ51XTUdDQVWy9jWNsUKHT62FJCECv6-2_GnsooJdYsbdiCU_rD18JRgP74cX8DctUi4zvhGr0JkEF2PR76--X8XQy0_4M3QwjRmgJUMbkSSdiEsj1OeSK0tWcOE4EKTzhK7Md6isuNJ-JRsCLNAQpw8ZEMX1d8vcSPrWVZU_Wvh8o3c-QYpjs7EwtPekaz9fyjRADUJvKIrIivKSYj2GV2gKf05Y9Zgeup1R6KyDaa_gTJg_N9BmItxyB7v4jOcZ6aeFK3Ki_krUF1cHhOfPPdV0lC1hC4kNwAVESskNwOzbqgTqz9blYoQtXdSuHev2XyrHWuZulgl--2o7Zs7MPvqo3qiKNwSIK6nchVLQuUCsu5Pf_WZMQ3v-7iTLun8QqtlxO4-MSOILBBZ7Y0s2Ni_Y6Q1j3Ilr6IQKKtQKPTRHzYGw11zTkEtVyj21N_AqSQUUFcrx7eo2cH713VF07egpIVKVbicibmCsWc_fpSYl8F91Dev42RMEp8dmIoAmOKSWZxbLGBuvN4_M11GLAugVMrfntSjzNfZyVpBfUBt96q3SEctIFMTU2Sv-gQHWReLlTL5DLy-D1PJEvUkzg0323iCSR6Fg1ymePh1P3CkxOj76_ZayQpONt1m4LFyfYLxaduECwY4mvu-x1jp-bkVWTPS0X3YbYzDRQtFLqevOihCzIaYmysRIYp2ZKfusfvRPBPMPpycwLUG_7KjCq5A8d3eucPV7Vx5UiMwh2xHpPE8k2p55buq_B1f2s7TuwWa7CgDcoiZFLClAyYZXuJtxoqgqEzgmBE5FcbptmqZhOlnDA65nTtyciVkxZWB4DGhuhSIQ7zII3YauDfjgBsvaMxRd7BmduxobF2EqsHE9PqGka-9dXcF3vP3m1NZSU3iOsxLTQpARPSdwu-sXoR2CaHY99LN89gyKwtEII

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 16E7 0
20 B 44ms
44ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BEHe9N6q8ZbTxKY6YjuwPwPKq4AIAAAAAOAHgBAI&bg=!39yl3JPNAAa8BdJLnAU7ADQBe5WfOD1R9c04dnijPukM5UWHfw5gPzy34REgDOjvW_PjlijUWhjksi9vanVY63BuhgORAgAAAHVSAAAAAmgBBwoAajHX1Kb-_du5G1dSz6vFLROFnQfCcbNskjPhoTDb6EZB5PQi1ODqLKGN5u8KH7PULTOcCkQSo3Gg23tlon9fc7XD5Y31lmhT4fUD8BO19EQ9wtVY6f4I7vVSGJ5fRb87WUTzHUBSMVsEjmGZAxe-qS0mQqWEdeJ0n4I3-_MSuZGZ8rsLXORaSy-BKKj7wdEQZSXF9BbmcuoLiKLyFmkuCwxoIdFGSSQ7Sh2m8YZwB-F57qqiGgf2PV5jLnbtlJtV5sIjxbrX9Z1Z4J0JHKS9-mjZquZt02_z6PMwqdsk3NHR6fRWGgWBRNQ2Z9jHJ8rEaqVlAeA9-VdZUWtIH0aIRr6si-fUkkXthg_0jiqCTvq9x5jdi6vJJ3Dq95aE96XlKrSfEDqZqMXYGyaID-hXKkJn5-34HbnoI1-uz7AjKv3V6FmK2bDfNGzq1dBxId7V1Leyv_ebvN09OVSWCXyeuQ7rZBkH6kOweSYhxqeeXil0tVyJoGHjcPuC-av7nWJLRqKJ0TC2ESUYdnhYhnOWV7KRiHlWSnpdqKYgea8mm0O-MB7sfC6WSBlScH2uYqB0fuGaLvyXVBaoWXRwYlOeWzjsnA7ygidbglFokKjtx_IUFdWsNYXPlo9nbJzKWY0ArJ2LN-LbC45nuFmmoi_I365rlx9Uq5sHr8Zhxr1tuM4rJZ0kIhYWwuncnVpUzX7lDeKHuCtzttKa2zHZYbTn0zpumzYpi3oQdcMbLGlynAcJOEWl2wIEEwARMF80xMXgFvvmx2kQ0c6u2-zJTrUC-KAipyV_qTN_cwJHuVxJWXoQexnrI0p6mjSGnCi6AY3H3Pf_4RvUdWbopgDBbP3v60sb0YvYFbY-BdA5Ftrfj0sgqwwFq9xK6edO9j7AAbYt7Zm5ADPIhawLDqLcXfklFnPcUwHn-vQPAya1DxW9yqYtYADLJCy092RuHndvqSn5vdgzTdeO5yB6ffH8AtTXIAQteXq6MHPCi7R2AKp9wTw5RXCSOZk27to4ifRNavGnYY7MybF1kSQWgt5fA0mha_9Mm-w0EV1BiCEjipbfV67aocxGIR7DxjXoHHJwzSAChfAnxmWdUo0BdoCM_woZQ8ThxxfBS8iJwO4NBAexK93m_I840TUwMVjAZfXqX4z2fHVewDLSbJ69wLXWP1zVaS-vT-f6AXZG2GXZiKGARDbdMMTk9A

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adv.office-partner.de/ Frame 2DA4 930 B
923 B 85ms
7ms Document
text/html 2a0b:4d07:102::1
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to

Full URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=be6138669f&subid=&uid=0849b6d46c3faf6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3vTN6q8ZZCEB7Gs2OMP2PGtsAim5b2gaYWVnKfJD_AuEAEgrZWljgFgleL1gZQHyAEJqQI9mh0vtj2yPqgDAcgDmwSqBJACT9B1uvcvtYcisByHHEkaWvS8KGonj-MpP5bdgaa5pL8TUMwuX9uJm462Jn_Q8IG6XViPRW_0oW5qDmQFM2N8u2cnh7djFA5QUZ0hSBIzYZL5axHHbJZDWDx6otDVIx4erQkxgK2swwYF3LYVwXtmLWL_5z_6vx96Uwv4JR-RffD8vtLS6FGJcEG8egXeCr-lJLn0OpHqruA16XaOcnxLqku5gBwm4VKnToCwwMCQhUQJ_i5juntn1OMiIQDh2HJ8QlmQ_FfT7W9jdI2yboN7CSlbWJz7210WxFtYA_92HkIgisnHMvLHgibniadH-TUU03EljGPzJ2dgj1i7w9MixwjNyYnsadl0nh8QM5yPsSLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJQiA4YAQEAEYHzICqgI6CIBAgICEgIAESL39wTpYkqaZ4qCMhAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ%26sig%3DAOD64_0z-qQSYDrq_77tkaUXP1UirofYTw%26client%3Dca-pub-4612162185209713%26dbm_c%3DAKAmf-AWXOQ38TJeIGnUPPInn1Pl-7RSl2M-Se01O-4bVK8iHD5EFgTk-EQc9Qa4sQtpYLjWykSSVsMh_yz7Nchc4FWg1V4dlDziU1bgR0e1x4GmQx5fJELu9UGa7zxUT1X0Sq8MqohsZNBEaBQ7h8XIdKuaakNqtGL4iiVRSrm9VSfrJd-ZaDQ%26cry%3D1%26dbm_d%3DAKAmf-AOWv6YlVCEIQCANn5Ty4DdvxEm5n9U10GLM8w-6pk5SuGvMmFjqIIvLewtW82RH9eG3_Y3qPMIndxze2QEBhnoz9Vzy_XMYYQP1NgH7NbtI_Spt4p-naqLL3jgYYdAuSF3m2G6FG__MVns-Iu_Ws7NfQYVEgh44NaKlZzkLj5nWzR_Tm859-RPjq1gv55pH6DxeYH22RGFdmth8rOrBnlgdtnur16PhOgeJ_CJPQd6LmiAS6xn81s7fVihJrLOtM5wfXqv6nuLICMuhYEY4t5o_lUHph4nOcTR8HdK8lLGSzHsFy_U1bGaACPGka562_Bhw600nHgXXatluoM9QtjuixwrH0NQNtHr4CPxYlpbHosA5nlqU0P0Lremo0ZhwLxvm9OpIEWXJgDAEKqkmkyChggVtdpF2DJx9r3B8PDQp5sZ3X0jOUtn6zcObXF-MUbHF7XWq7UDGYYptD3We-ZAXgu1jF0jHB6TkU7njs9F7HsJP3mqldHbGFygZPbEQlapkirhlIvv-frQ7LjCoVGVUD4smRN9TfsppP8EnLI25eBnN3adRKJ3EPKzumcp3vp4-4Pm%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4612162185209713%26output%3Dhtml%26h%3D140%26slotname%3D9466993845%26adk%3D236759356%26adf%3D3694931959%26pi%3Dt.ma~as.9466993845%26w%3D858%26lmt%3D1698915193%26rafmt%3D11%26format%3D858x140%26url%3Dhttps%253A%252F%252Fleekangw.github.io%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1706863158816%26bpp%3D5%26bdt%3D150%26idt%3D202%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C212x600%252C858x140%26nras%3D1%26correlator%3D4106480496177%26frm%3D20%26pv%3D1%26ga_vid%3D1863963592.1706863159%26ga_sid%3D1706863159%26ga_hid%3D838409285%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D338%26ady%3D1764%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C44809004%252C31080826%252C95322180%252C95323007%26oid%3D2%26pvsid%3D989059356523449%26tmod%3D1338357150%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D207&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fleekangw.github.io&random=3493803717467&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=604800
content-encoding: gzip
content-length: 552
content-type: text/html
date: Fri, 02 Feb 2024 08:39:20 GMT
etag: "3a2-5c1ab16b3be00-gzip"
expires: Fri, 09 Feb 2024 08:39:20 GMT
last-modified: Thu, 06 May 2021 15:37:28 GMT
link: <https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server: keycdn
vary: Accept-Encoding
x-accel-version: 0.01
x-cache: HIT
x-edge-location: defr

GET
H2 200 e99aace94e6e5873e27022e22519b6a9 Show response
pv.medialead.de/trck/epv/ Frame 4F95 0
326 B 71ms
20ms Document
application/javascript 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://pv.medialead.de/trck/epv/e99aace94e6e5873e27022e22519b6a9?subid=29308200044990004444550012588017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=be6138669f&subid=&uid=0849b6d46c3faf6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3vTN6q8ZZCEB7Gs2OMP2PGtsAim5b2gaYWVnKfJD_AuEAEgrZWljgFgleL1gZQHyAEJqQI9mh0vtj2yPqgDAcgDmwSqBJACT9B1uvcvtYcisByHHEkaWvS8KGonj-MpP5bdgaa5pL8TUMwuX9uJm462Jn_Q8IG6XViPRW_0oW5qDmQFM2N8u2cnh7djFA5QUZ0hSBIzYZL5axHHbJZDWDx6otDVIx4erQkxgK2swwYF3LYVwXtmLWL_5z_6vx96Uwv4JR-RffD8vtLS6FGJcEG8egXeCr-lJLn0OpHqruA16XaOcnxLqku5gBwm4VKnToCwwMCQhUQJ_i5juntn1OMiIQDh2HJ8QlmQ_FfT7W9jdI2yboN7CSlbWJz7210WxFtYA_92HkIgisnHMvLHgibniadH-TUU03EljGPzJ2dgj1i7w9MixwjNyYnsadl0nh8QM5yPsSLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJQiA4YAQEAEYHzICqgI6CIBAgICEgIAESL39wTpYkqaZ4qCMhAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ%26sig%3DAOD64_0z-qQSYDrq_77tkaUXP1UirofYTw%26client%3Dca-pub-4612162185209713%26dbm_c%3DAKAmf-AWXOQ38TJeIGnUPPInn1Pl-7RSl2M-Se01O-4bVK8iHD5EFgTk-EQc9Qa4sQtpYLjWykSSVsMh_yz7Nchc4FWg1V4dlDziU1bgR0e1x4GmQx5fJELu9UGa7zxUT1X0Sq8MqohsZNBEaBQ7h8XIdKuaakNqtGL4iiVRSrm9VSfrJd-ZaDQ%26cry%3D1%26dbm_d%3DAKAmf-AOWv6YlVCEIQCANn5Ty4DdvxEm5n9U10GLM8w-6pk5SuGvMmFjqIIvLewtW82RH9eG3_Y3qPMIndxze2QEBhnoz9Vzy_XMYYQP1NgH7NbtI_Spt4p-naqLL3jgYYdAuSF3m2G6FG__MVns-Iu_Ws7NfQYVEgh44NaKlZzkLj5nWzR_Tm859-RPjq1gv55pH6DxeYH22RGFdmth8rOrBnlgdtnur16PhOgeJ_CJPQd6LmiAS6xn81s7fVihJrLOtM5wfXqv6nuLICMuhYEY4t5o_lUHph4nOcTR8HdK8lLGSzHsFy_U1bGaACPGka562_Bhw600nHgXXatluoM9QtjuixwrH0NQNtHr4CPxYlpbHosA5nlqU0P0Lremo0ZhwLxvm9OpIEWXJgDAEKqkmkyChggVtdpF2DJx9r3B8PDQp5sZ3X0jOUtn6zcObXF-MUbHF7XWq7UDGYYptD3We-ZAXgu1jF0jHB6TkU7njs9F7HsJP3mqldHbGFygZPbEQlapkirhlIvv-frQ7LjCoVGVUD4smRN9TfsppP8EnLI25eBnN3adRKJ3EPKzumcp3vp4-4Pm%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4612162185209713%26output%3Dhtml%26h%3D140%26slotname%3D9466993845%26adk%3D236759356%26adf%3D3694931959%26pi%3Dt.ma~as.9466993845%26w%3D858%26lmt%3D1698915193%26rafmt%3D11%26format%3D858x140%26url%3Dhttps%253A%252F%252Fleekangw.github.io%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1706863158816%26bpp%3D5%26bdt%3D150%26idt%3D202%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C212x600%252C858x140%26nras%3D1%26correlator%3D4106480496177%26frm%3D20%26pv%3D1%26ga_vid%3D1863963592.1706863159%26ga_sid%3D1706863159%26ga_hid%3D838409285%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D338%26ady%3D1764%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C44809004%252C31080826%252C95322180%252C95323007%26oid%3D2%26pvsid%3D989059356523449%26tmod%3D1338357150%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D207&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fleekangw.github.io&random=3493803717467&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
attribution-reporting-register-source: {"source_event_id":"17200521800103982","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length: 0
content-type: application/javascript; charset=utf-8
date: Fri, 02 Feb 2024 08:39:20 GMT
host: pv.medialead.de
proxy-host: pv.medialead.de
server: nginx
vary: Origin

GET
H2 200 link.html Show response
track.webgains.com/ Frame B8B0 2 KB
2 KB 151ms
91ms Script
text/html 18.134.223.160
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=29308200044990004444550012588017&nw=1
Requested by: Host: leekangw.github.io
URL: https://leekangw.github.io/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.134.223.160 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-134-223-160.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 697dfbb2884084554b3ab679239b89d9a37d40d689dc87f7a30d2e561aa27519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:20 GMT
last-modified: Fri, 02 Feb 2024 08:39:20 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Fri, 02 Feb 2024 08:40:20 GMT

GET
H2

200

activityi;dc_pre=CJSq2uKgjIQDFaZgHgIdCwEC6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627 Show response
8019191.fls.doubleclick.net/ Frame 15AB
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSq2uKgjIQDFaZgHgIdCwEC6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627?

2 KB
1 KB

50ms
50ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSq2uKgjIQDFaZgHgIdCwEC6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627?

Requested by

Host: leekangw.github.io
URL: https://leekangw.github.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.198 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

e7154c7021935bde1cf1ce1013fb4c50ea662ac7de5ec4b24512ca928f378cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 902
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:20 GMT
expires: Fri, 02 Feb 2024 08:39:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:20 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSq2uKgjIQDFaZgHgIdCwEC6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal900017.redintelligence.net/ Frame 940B 7 KB
2 KB 21ms
8ms Document
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/request_content.php?s=29308200044990004444550012588017&a=87b7803a
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request.php?zone=g72h7lz2c4az&nw=20&renderingType=javascript&namespace=be6138669f&subid=&uid=0849b6d46c3faf6c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCF3vTN6q8ZZCEB7Gs2OMP2PGtsAim5b2gaYWVnKfJD_AuEAEgrZWljgFgleL1gZQHyAEJqQI9mh0vtj2yPqgDAcgDmwSqBJACT9B1uvcvtYcisByHHEkaWvS8KGonj-MpP5bdgaa5pL8TUMwuX9uJm462Jn_Q8IG6XViPRW_0oW5qDmQFM2N8u2cnh7djFA5QUZ0hSBIzYZL5axHHbJZDWDx6otDVIx4erQkxgK2swwYF3LYVwXtmLWL_5z_6vx96Uwv4JR-RffD8vtLS6FGJcEG8egXeCr-lJLn0OpHqruA16XaOcnxLqku5gBwm4VKnToCwwMCQhUQJ_i5juntn1OMiIQDh2HJ8QlmQ_FfT7W9jdI2yboN7CSlbWJz7210WxFtYA_92HkIgisnHMvLHgibniadH-TUU03EljGPzJ2dgj1i7w9MixwjNyYnsadl0nh8QM5yPsSLABOuP_I73A-AEA4gF76-WiD6QBgGgBk2AB6yt9Z8DqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJQiA4YAQEAEYHzICqgI6CIBAgICEgIAESL39wTpYkqaZ4qCMhAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_btBCkdBJcpuxv95na9ATpSpiF0RBGWCqVLaJ9WcyRS2kYztTAB-OMM7GZOuaGAhHF5saiMoIWUgTK96tdH9AXsMWT1Z6sSWGi40YAQ%26sig%3DAOD64_0z-qQSYDrq_77tkaUXP1UirofYTw%26client%3Dca-pub-4612162185209713%26dbm_c%3DAKAmf-AWXOQ38TJeIGnUPPInn1Pl-7RSl2M-Se01O-4bVK8iHD5EFgTk-EQc9Qa4sQtpYLjWykSSVsMh_yz7Nchc4FWg1V4dlDziU1bgR0e1x4GmQx5fJELu9UGa7zxUT1X0Sq8MqohsZNBEaBQ7h8XIdKuaakNqtGL4iiVRSrm9VSfrJd-ZaDQ%26cry%3D1%26dbm_d%3DAKAmf-AOWv6YlVCEIQCANn5Ty4DdvxEm5n9U10GLM8w-6pk5SuGvMmFjqIIvLewtW82RH9eG3_Y3qPMIndxze2QEBhnoz9Vzy_XMYYQP1NgH7NbtI_Spt4p-naqLL3jgYYdAuSF3m2G6FG__MVns-Iu_Ws7NfQYVEgh44NaKlZzkLj5nWzR_Tm859-RPjq1gv55pH6DxeYH22RGFdmth8rOrBnlgdtnur16PhOgeJ_CJPQd6LmiAS6xn81s7fVihJrLOtM5wfXqv6nuLICMuhYEY4t5o_lUHph4nOcTR8HdK8lLGSzHsFy_U1bGaACPGka562_Bhw600nHgXXatluoM9QtjuixwrH0NQNtHr4CPxYlpbHosA5nlqU0P0Lremo0ZhwLxvm9OpIEWXJgDAEKqkmkyChggVtdpF2DJx9r3B8PDQp5sZ3X0jOUtn6zcObXF-MUbHF7XWq7UDGYYptD3We-ZAXgu1jF0jHB6TkU7njs9F7HsJP3mqldHbGFygZPbEQlapkirhlIvv-frQ7LjCoVGVUD4smRN9TfsppP8EnLI25eBnN3adRKJ3EPKzumcp3vp4-4Pm%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4612162185209713%26output%3Dhtml%26h%3D140%26slotname%3D9466993845%26adk%3D236759356%26adf%3D3694931959%26pi%3Dt.ma~as.9466993845%26w%3D858%26lmt%3D1698915193%26rafmt%3D11%26format%3D858x140%26url%3Dhttps%253A%252F%252Fleekangw.github.io%252F%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1706863158816%26bpp%3D5%26bdt%3D150%26idt%3D202%26shv%3Dr20240131%26mjsv%3Dm202401290101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C212x600%252C858x140%26nras%3D1%26correlator%3D4106480496177%26frm%3D20%26pv%3D1%26ga_vid%3D1863963592.1706863159%26ga_sid%3D1706863159%26ga_hid%3D838409285%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D338%26ady%3D1764%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C44809004%252C31080826%252C95322180%252C95323007%26oid%3D2%26pvsid%3D989059356523449%26tmod%3D1338357150%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeEbr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D1%26fsb%3D1%26dtd%3D207&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2Fleekangw.github.io&random=3493803717467&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: 3a4547a73a18ba8ce369686f89a6f2f5665a4982a43e2f28e1a77e785a7b46d4

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 2088
Content-Type: text/html; charset=utf-8
Date: Fri, 02 Feb 2024 08:39:20 GMT
Expires: Fri, 02 Feb 2024 08:39:20 +0100
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H2 200 e99aace94e6e5873e27022e22519b6a9
pv.medialead.de/trck/eview/ Frame B8B0 43 B
361 B 69ms
20ms Image
image/gif 91.121.248.44
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pv.medialead.de/trck/eview/e99aace94e6e5873e27022e22519b6a9?subid=29308200044990004444550012588017&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=3694931959&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158816&bpp=5&bdt=150&idt=202&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600%2C858x140&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=207
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 91.121.248.44 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ip44.ip-91-121-248.eu
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:20 GMT
attribution-reporting-register-source: {"source_event_id":"17200521800103982","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server: nginx
host: pv.medialead.de
vary: Origin
content-type: image/gif
access-control-allow-origin: *
access-control-expose-headers: X-Request-ID
access-control-allow-credentials: true
content-length: 43
proxy-host: pv.medialead.de

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame B8B0 43 B
702 B 91ms
59ms Image
image/gif 2.23.68.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=3266505&v=11601&q=357526&r=113440&pref1=29308200044990004444550012588017&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

2.23.68.89 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-23-68-89.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 08:39:20 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
Content-Type: image/gif
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 43
Expires: 0

GET
DATA 200
OK truncated
/ Frame B8B0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15da40c58241aa0daac3f255e9b7dfe6d32b039a0082633acbd1f4f3d34eba50

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4215661.json Show response
agen-assets.ftstatic.com/display/7879091/ Frame B486 4 KB
2 KB 75ms
23ms XHR
application/json 65.9.86.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://agen-assets.ftstatic.com/display/7879091/4215661.json
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-86-121.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b49dba856922c036fd7f3dec4a56709f09fcd3e3e84b42537b07341ff2333a05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:20 GMT
content-encoding: gzip
via: 1.1 varnish (Varnish/5.2), 1.1 e13e8f228afcbd0862f27c6ebd714878.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 26 Jan 2024 19:55:18 GMT
server: AmazonS3
etag: W/"c6ecfb5fa5b78deb2047e1661e504cfa"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
cache-control: max-age=30
x-varnish: 1049858458
vary: Accept-Encoding,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: OZ2DoJsu3-rbCMymZZCsPkezLRHTsg9GVxugZj10leQ5GuGviPBHbQ==

GET
H2 200 css
fonts.googleapis.com/ Frame 940B 2 KB
530 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Titillium+Web:400,700

Requested by

Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=29308200044990004444550012588017&a=87b7803a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Feb 2024 08:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 08:00:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Feb 2024 08:39:20 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 940B 16 KB
16 KB 24ms
10ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=29308200044990004444550012588017&a=87b7803a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 82d7825ef275364ecbdae85501a9266358bbf94e63292f664170e08416fa18c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 08:39:20 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16509
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 940B 17 KB
17 KB 22ms
8ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank-business-giro-aktiv-1200x627.jpg
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=29308200044990004444550012588017&a=87b7803a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 00dc28d485859bcd4f5b8603b4055bdbc61dcdeab6f0803c146f0652c5cfbaa4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 08:39:20 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 17144
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 940B 11 KB
11 KB 22ms
9ms Image
image/png 88.99.165.19
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/36340/creativesup/native2.png
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=29308200044990004444550012588017&a=87b7803a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 88.99.165.19 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.19.165.99.88.clients.your-server.de
Software: Apache /
Resource Hash: 8bcbc76635e51eeeb80e2e6af0141b45c06f387985dd908dcd1297ebf88d57e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 08:39:20 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 10937
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900017.redintelligence.net/ Frame 940B 0
150 B 22ms
7ms Script
text/html 159.69.70.9
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900017.redintelligence.net/viewability?s=29308200044990004444550012588017&a=3db060ca&vb=m
Requested by: Host: hal900017.redintelligence.net
URL: https://hal900017.redintelligence.net/request_content.php?s=29308200044990004444550012588017&a=87b7803a
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.70.9 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.9.70.69.159.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal900017.redintelligence.net/request_content.php?s=29308200044990004444550012588017&a=87b7803a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 08:39:20 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ Frame 2DA4 181 KB
64 KB 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Requested by

Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

27a25a100d7b9cedebadc4ceff8931815c63ed3fbdae1fedb5ee732b35426b66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65805
x-xss-protection: 0
last-modified: Fri, 02 Feb 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 02 Feb 2024 08:39:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ Frame 2DA4 277 KB
92 KB 17ms
17ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

69c8d4c643a915faa9f5e9fe490556f6f10edbc7487258080d20c8f14fb996d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adv.office-partner.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93975
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 02 Feb 2024 08:39:20 GMT

GET
H/1.1 200
OK score.min.js Show response
js.ad-score.com/ Frame B486 553 KB
160 KB 74ms
13ms Script
application/javascript 2600:9000:26db:fe00:a:deb0:3380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26db:fe00:a:deb0:3380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: bf639b0ff22481edd684a047083c4644bb391c84ecb36f4b30f1f1b3a67f874d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Thu, 01 Feb 2024 15:30:14 GMT
Content-Encoding: br
Via: 1.1 9564791ed47030dad53c797ee814c66e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P3
Age: 61746
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 01 Feb 2024 15:30:14 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
X-Amz-Cf-Id: QyABMNCQMXuq5045xRDh-rQ_7k29eXEZMf63MKREweX2LQxr4aCV1Q==
Expires: Fri, 02 Feb 2024 15:30:14 GMT

GET
H/1.1 200
OK ftpagefold_v4.7.2.js Show response
cdn.flashtalking.com/pageFold/ Frame B486 17 KB
6 KB 336ms
267ms Script
application/javascript 184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/pageFold/ftpagefold_v4.7.2.js
Requested by: Host: ajs-assets.ftstatic.com
URL: https://ajs-assets.ftstatic.com/ftUtils.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 08:39:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Nov 2022 15:59:45 GMT
Server: Flashtalking (AKA)
ETag: W/"41e1de2061b5162671c94aaf53e51cc1"
Vary: Accept-Encoding
Content-Type: application/javascript
X-Varnish: 245816087 241254950
Cache-Control: max-age=11278
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5545
Expires: Fri, 02 Feb 2024 11:47:18 GMT

GET
H/1.1 200
OK FY23Q1_Stock_Stock_Stock_DE_DE_Discover2023CreativeTrendsB2CPsychicWaves_ST_728x90.png
cdn.flashtalking.com/155165/4215661/ Frame B486 141 KB
142 KB 83ms
18ms Image
image/png 184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/155165/4215661/FY23Q1_Stock_Stock_Stock_DE_DE_Discover2023CreativeTrendsB2CPsychicWaves_ST_728x90.png?906673558
Requested by: Host: leekangw.github.io
URL: https://leekangw.github.io/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: b2f5d5a2bbe083f2ad74a879b856661e525450587347376f8acad794a037ed1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 08:39:20 GMT
Last-Modified: Wed, 30 Aug 2023 20:22:40 GMT
Server: Flashtalking (AKA)
ETag: W/"fd66e1574f6aba989daa82b294512763"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 376475538
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=38
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 144866
Expires: Fri, 02 Feb 2024 08:39:58 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame B8B0 56 KB
19 KB 95ms
46ms Script
application/javascript 108.138.36.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=29308200044990004444550012588017&nw=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.36.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-36-89.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ace44b78e613a7199dfb108bc4b31f8d017c1053d469e231eab78eb60cb51b07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:52:35 GMT
content-encoding: gzip
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Thu, 01 Feb 2024 09:49:57 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 82006
etag: W/"2ef4dffee1e13116d65e55acc50ac4aa"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: fcSPoEyHFXwNRS1_fOUFcXhkdlRq71lcm860yKilTF9sOtzYwpd2uw==

GET
H2 200 1x1.gif
cdn.track.production.webgains.team/7121/ Frame B8B0 85 B
437 B 293ms
9ms Image
image/gif 99.86.4.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1706863460&Signature=RKmMyT8W8I7tFd8QwfZToTal6cXHhwgTGks14tUJoVTsTfIHC6sssyVYgss9sR9SXSNvhwkTotz3QhsLDWV6KZuu79R4A2H6djfZ5Rn7uDlxOARmzBGbpzZeau3gMzouHyQxptgz8jPP8AE6XQx0rb7CeD4~xbokijYxF6pq7nUBbp2ThpatyyR0aL9vW8d5N6M3oYtmGYd7XlGlxGElRHfnXCG86beZIMrWA~sRzpkdZw4AiP8KAjrnrGLeMek0PtjTMcdvQNmv-UwpmO95wXG~LYaxnfM9lyleiIU6Mqoz4zykt-vKAMIt5Etoq0nK39Rs4MR4jv5HEToatgb~tg__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=140&slotname=9466993845&adk=236759356&adf=3694931959&pi=t.ma~as.9466993845&w=858&lmt=1698915193&rafmt=11&format=858x140&url=https%3A%2F%2Fleekangw.github.io%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158816&bpp=5&bdt=150&idt=202&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C212x600%2C858x140&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=338&ady=1764&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-53.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

x-amz-version-id: null
date: Thu, 01 Feb 2024 15:07:25 GMT
via: 1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 11:40:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 63116
etag: "70af33d70b6810475aae19743c8c435b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 85
x-amz-cf-id: VeWfdQkwUg-TbFT9SP7a5IfccR_mQb_TmJI3lI1VAIwySaPM-UyS_Q==

GET
H2 200 dc_pre=CJSq2uKgjIQDFaZgHgIdCwEC6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627
adservice.google.com/ddm/fls/z/ Frame 15AB 42 B
401 B 88ms
45ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJSq2uKgjIQDFaZgHgIdCwEC6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CJSq2uKgjIQDFaZgHgIdCwEC6A;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=509913104931.9627?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2RvdWJsZWNsaWNrLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdf...
ad.doubleclick.net/ddm/activity/ Frame 15AB 0
1 KB 46ms
46ms Image
image/png 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=Zmxvb2RsaWdodF9jb25maWdfaWQ6IDgwMTkxOTEKYWR2ZXJ0aXNlcl9kb21haW46ICJodHRwczovL2RvdWJsZWNsaWNrLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IENPTlZFUlNJT04KZGVidWdfa2V5OiAxMjc0OTMwNDE2OTgzNTM2MzM1OQpjdGNfY29udmVyc2lvbl9idWNrZXQ6IDEKYXJjaGV0eXBlX2lkOiAxCmFyY2hldHlwZV9pZDogMwphcmNoZXR5cGVfaWQ6IDQKYXJjaGV0eXBlX2lkOiA1CmFyY2hldHlwZV9pZDogNgphcmNoZXR5cGVfaWQ6IDcKYXJjaGV0eXBlX2lkOiA4CmFyY2hldHlwZV9pZDogOQphcmNoZXR5cGVfaWQ6IDEwCmFyY2hldHlwZV9pZDogMTEKYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphcmNoZXR5cGVfaWQ6IDE2CmFyY2hldHlwZV9pZDogMTcKYXJjaGV0eXBlX2lkOiAxOAphcmNoZXR5cGVfaWQ6IDE5CmFyY2hldHlwZV9pZDogMjAKYXJjaGV0eXBlX2lkOiAyMQpjb252ZXJzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBDT05WRVJTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0FDVElWSVRZX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA2MDM5MDAxCiAgfQp9CmNvbnZlcnNpb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IENPTlZFUlNJT05fRElNRU5TSU9OX0NPTlZFUlNJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTAyIgogIH0KfQpicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNTcwNDI1MzQ0CmdjbGlkOiAiIgp0cmlnZ2VyX2RlZHVwbGljYXRpb25fa2V5OiAxNzk2NDE1ODczNjYwMzUyNTQzMAo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:20 GMT
attribution-reporting-register-trigger: {"aggregatable_deduplication_keys":[{"deduplication_key":"17964158736603525430"}],"aggregatable_trigger_data":[{"filters":{"14":["6039001"]},"key_piece":"0x7cc664d92863adf1","source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"key_piece":"0xdaf0380e59203b1","not_filters":{"14":["6039001"]},"source_keys":["1","3","4","5","6","7","8","9","10","11"]},{"filters":{"14":["6039001"]},"key_piece":"0xf81c8a696a96f8d1","source_keys":["12","13","14","15","16","17","18","19","20","21"]},{"key_piece":"0xa6ba7335d7a651c5","not_filters":{"14":["6039001"]},"source_keys":["12","13","14","15","16","17","18","19","20","21"]}],"aggregatable_values":{"1":327,"10":327,"11":5570,"12":65,"13":65,"14":65,"15":6356,"16":65,"17":65,"18":6356,"19":65,"20":65,"21":6356,"3":327,"4":327,"5":5570,"6":327,"7":327,"8":5570,"9":327},"debug_key":"12749304169835363359","debug_reporting":true,"event_trigger_data":[{"deduplication_key":"17964158736603525430","filters":{"14":["6039001"],"source_type":["event"]},"priority":"10","trigger_data":"1"},{"deduplication_key":"17964158736603525430","filters":{"14":["6039001"],"source_type":["navigation"]},"priority":"10","trigger_data":"6"},{"deduplication_key":"17964158736603525430","filters":{"source_type":["event"]},"priority":"0","trigger_data":"0"},{"deduplication_key":"17964158736603525430","filters":{"source_type":["navigation"]},"priority":"0","trigger_data":"7"}],"filters":{"8":["8019191"]}}
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame B486 102 B
661 B 489ms
121ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=qFinFErVGdnfZADcsHZhWjJvLBieVjIz-FE7fPshldVrlKDQQ037LEEnD-E03BOsVnalbjMg==&pm_ct=d5b84d3daaa9d62f5ded51bf&pm_pl=1706863160284&pm_td=16&pid=1000940&en=1.1&callback=__pm_glbl_kIvMlBVIqXZoBhaxcm0Gx4dQ._gc1&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 4b465ae00631e3a4f982c468d31125847adbfa9d60199664707674c843631cac

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 08:39:20 GMT
Age: 0
Access-Control-Allow-Methods: POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Content-Type: text/plain; charset=utf-8
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 102

GET
DATA 200
OK truncated
/ Frame DA10 266 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B486 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK d0404a9f-4575-497e-92dd-98d2e158c005
https://googleads.g.doubleclick.net/ Frame B486 720 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/d0404a9f-4575-497e-92dd-98d2e158c005
Requested by: Host: leekangw.github.io
URL: https://leekangw.github.io/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 720
Content-Type: application/javascript

GET
BLOB 200
OK 891a826d-85a7-45e3-ad7d-8e772fbfbfcd
https://googleads.g.doubleclick.net/ Frame B486 725 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/891a826d-85a7-45e3-ad7d-8e772fbfbfcd
Requested by: Host: leekangw.github.io
URL: https://leekangw.github.io/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 725
Content-Type: text/javascript

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 50ms
50ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240131&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7a2c1b1744d858bd70fb8c11208340c7c528c8907a740fba42bcb8f226fb1df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12190
x-xss-protection: 0

GET
H2 200 /
ad-events.flashtalking.com/state/7879091;4215661;0;271;3950B146-F1DB-D80B-FB47-7EC55CDF0881/ Frame B486 0
67 B 55ms
6ms Image
text/plain 52.28.104.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7879091;4215661;0;271;3950B146-F1DB-D80B-FB47-7EC55CDF0881/?cachebuster=261898938
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.104.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-104-40.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:20 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame B486 1 B
377 B 47ms
9ms Image
text/plain 184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7879091;4215661;0-304-0-0-542076070
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 08:39:20 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Fri, 02 Feb 2024 08:39:20 GMT

GET
BLOB 200
OK adb54495-4c01-4dbc-a963-d213b405cca7
https://googleads.g.doubleclick.net/ Frame B486 288 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/adb54495-4c01-4dbc-a963-d213b405cca7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Length: 288
Content-Type: text/javascript

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 02 Feb 2024 08:39:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1A97 13 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://leekangw.github.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 32786
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 01 Feb 2024 23:32:54 GMT
expires: Fri, 31 Jan 2025 23:32:54 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C5E2 829 B
1 KB 46ms
22ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1c114554be6ad3cf1b04d3d948d654b7b218e6d78e21319457b3a8c399738e46

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NmUI25SoU7d4LBfftL20kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://leekangw.github.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NmUI25SoU7d4LBfftL20kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 02 Feb 2024 08:39:20 GMT
expires: Fri, 02 Feb 2024 08:39:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame B486 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A97 39 KB
15 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 11:14:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 31 Jan 2025 11:14:22 GMT

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame B486 1 B
377 B 10ms
9ms Image
text/plain 184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7879091;4215661;0-306-0-0-484545315
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 08:39:20 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Fri, 02 Feb 2024 08:39:20 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C5E2 0
0 38ms
38ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240131&jk=989059356523449&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 7EF5 0
127 B 13ms
12ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 02 Feb 2024 08:39:19 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1A97 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-1xcxQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DFA5 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstAdQ8wEBIcGd5vVU6VrK_EdT6IgGhKuI-VVkXfneFnSoNaQd-FDOYHmmYtmcZGW-e6RBdu7sWpM0hu9SwF5ErEivwisc5CMqG_mytKo0ZDzxPRFRh8OGLM0236LL2b8rPkaSu88Q&sig=Cg0ArKJSzBiSizQZRTxkEAE&id=lidar2&mcvt=1000&p=0,0,600,212&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=20&adk=4081495040&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=279595900&rst=1706863159004&rpt=692&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B486 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPOKkjj7srJ6cH5kXbO-Oyy5KPw5Ow6O8kQ3w_JH8cW8SgtSCwgZqviRb3AUb45btyeOpl7j3d0c2aKT8rfScu6RSPq-HpjI3z-N2meWk3SUVZhFyqmxG-gHMWGFQy1FzGApobvXwbxOW419TNlHySYihW7do6oHnP&sai=AMfl-YSL12AgAWN9mfUlv8o68avrq1CTsRIDhXcZfgH9V3FtdHYCRXicMzJZkMkEy2ps5PD0PU-wrWXcl8p4iPMJwC3BGwtqMCoUYCADmhmA_mc5Zx8lCfDWHPHshVzDDndMHjRSh3TRbXi8w_8FLVbf4Q&sig=Cg0ArKJSzIZgFMHckMlmEAE&cid=CAQSTwAvHhf_SWdnDplddIk6TgtM6fkaUiBIbOvEK86PHMkIyf8AuXbPSB-s94AcLmkcW28ZRuXHAjwpAx2t9d4fYE_C9J5gVhasmm_UN4WYAcQYAQ&id=lidar2&mcvt=1037&p=0,0,90,728&mtos=1037,1037,1037,1037,1037&tos=1037,0,0,0,0&v=20240131&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=236759356&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=279595900&rst=1706863159546&rpt=257&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame B486 1 B
283 B 234ms
234ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=qFinFErVGdnfZADcsHZhWjJvLBieVjIz-FE7fPshldVrlKDQQ037LEEnD-E03BOsVnalbjMg==&pm_ct=d5b84d3daaa9d62f5ded51bf&pm_pl=1706863160284&pm_td=572&pid=1000940&en=1.1&callback=__pm_glbl_kIvMlBVIqXZoBhaxcm0Gx4dQ._gc2&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Fri, 02 Feb 2024 08:39:21 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame B8B0 16 B
209 B 67ms
66ms Fetch
application/json 13.42.93.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.42.93.91 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-42-93-91.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/8.1.14

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 02 Feb 2024 08:39:21 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/8.1.14
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 93ms
22ms Preflight 13.42.93.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.42.93.91 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-42-93-91.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-headers: Authorization, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Fri, 02 Feb 2024 08:39:20 GMT
server: nginx

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B486 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2544093169186&version=m202401290101&ct=77&x=1&cor=13155442469385826000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame B486 6 KB
6 KB 146ms
13ms Image
image/png 184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Date: Fri, 02 Feb 2024 08:39:21 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
Content-Type: image/png
X-Varnish: 69423302 69718121
Cache-Control: max-age=840
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5953
Expires: Fri, 02 Feb 2024 08:53:21 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240131&jk=989059356523449&bg=!ISKlIm3NAAa8BdJLnAU7ADQBe5WfOARSRNorsAFFZC-2TdKEVhw6g_J382rlglLT1V7DlMa2RR_xQ9mvesL3B6yiX1PPAgAAAC1SAAAAAWgBB5kCvSwPORdQ8_JBV2-3xqZS6l5MTmaSoHPT79KdY3-AN4kZI9vBL-SboF1YeJHM5fM0I2yn_jLaAEYzSIlwGxLnrmulG6iQ_NaJ_r6cn1gdliwkm0Tk5PvIZ461g1esssQ_n8pjsJL_6aOhtsiSmoosQhM6ZwXm6sqDahfQ6du_ghqZSia5Z7GPUOzhSdpxl7gPteDUEwXTzVoldeL67FxNS3h7J7xiqipMl5JlK8ah5_B6i0-oWBEElZUlIwdCJUgcj2sxGBFp7AhmsT3zZ5c4XLxZy_y3V-ReHl6f0qwcbKZTm9ASggTQVtFa417kSz7iwnYr0OEuaIg32DqHdmsiuh5uODyQFw05xT0E9GWvYcps3kOQ_rXk2tBWABCDYWm7DeIPhkKzZiJrspyVwBcAVLwP4QbOem-PmVfBOweDrmvH17VWZC6eNDp6FUYkoNECa2dRCDqkmKIQizvXdm0T-UOXK1SKt4GU2LD3XaAnCJjKwDJ3FWN8I4ZktZ9lnkDfpCggiiqsv9lC2BNXeICUJThrhNMPM1iHVa7D3BZv5gqVWHJoF6qM8yR-gmgZp82mT9XtEZtWshVbaiD5VSna0cxa_rpo0aYfa_IyXfKtopXyGvDBTvLLuDw_bl6cqeAns_znFMpGaB-OcgtbUhlBHvke73kX-zjOjUMHMuDXjPuU48WwWDlp3kVa1yt1EEaL4AnK-zkQ9auQH-W9-y3Id1oLGg9lYZ9V6_91Qt0rt-60sApnkTvwwjQEfBN0hOfm92fwvSidCvkGOYFV-_te1CaFY8_GeZWlLV8Ntc-51NKlsB7zvi9lgUx9tF1ZcTbvidvO-putFtU-QsJ9UReHKaKLaJI6x0RbtlIeqh-UwSycEvYBks_VYvHPS_Lgn8ZhSsd8UWNp9gR_EWbQ-PJ7wi7_F5XKXeyuSmXgzF8p
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leekangw.github.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8B0 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3446143132826&version=m202401290101&ct=77&x=1&cor=7981786362068439000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 02 Feb 2024 08:39:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ft.stat
stat.flashtalking.com/reportV3/ Frame B486 1 B
377 B 7ms
7ms Image
text/plain 184.30.20.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stat.flashtalking.com/reportV3/ft.stat?0-7879091;4215661;0-307-0-0-778033977
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.20.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-20-47.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 02 Feb 2024 08:39:21 GMT
Last-Modified: Thu, 28 Jun 2012 14:38:09 GMT
Server: AkamaiNetStorage
ETag: "c4ca4238a0b923820dcc509a6f75849b:1340894289"
Content-Type: text/plain
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1
Expires: Fri, 02 Feb 2024 08:39:21 GMT

GET
H2 200 /
ad-events.flashtalking.com/state/7879091;4215661;0;202;3950B146-F1DB-D80B-FB47-7EC55CDF0881/ Frame B486 0
66 B 6ms
6ms Image
text/plain 52.28.104.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-events.flashtalking.com/state/7879091;4215661;0;202;3950B146-F1DB-D80B-FB47-7EC55CDF0881/?cachebuster=638450611
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.104.40 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-104-40.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Fri, 02 Feb 2024 08:39:21 GMT
server: awselb/2.0
content-length: 0
content-type: text/plain; charset=utf-8

POST
H/1.1 200
OK cors Show response
data.ad-score.com/data/ Frame B486 1 B
283 B 119ms
119ms Fetch
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/data/cors?pm_st=qFinFErVGdnfZADcsHZhWjJvLBieVjIz-FE7fPshldVrlKDQQ037LEEnD-E03BOsVnalbjMg==&pm_ct=d5b84d3daaa9d62f5ded51bf&pm_pl=1706863160284&pm_td=1310&pid=1000940&en=1.1&callback=__pm_glbl_kIvMlBVIqXZoBhaxcm0Gx4dQ._gc3&tt=g&v=f487d82
Requested by: Host: js.ad-score.com
URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Fri, 02 Feb 2024 08:39:21 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1
Access-Control-Allow-Methods: POST
Content-Type: text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.leekangw.github.io/	1970-01-21 03:43:43	Name: _ga Value: GA1.1.1863963592.1706863159
.leekangw.github.io/	1970-01-21 03:43:43	Name: _ga_M41H0PRK7N Value: GS1.1.1706863158.1.0.1706863158.0.0.0
hits.seeyoufarm.com/	1970-01-20 18:09:09	Name: ckid Value: MmEwMTo0YTA6MmI6OjExLTE3MDY4NjMxNTg4MDAxNjMwMjU=
.doubleclick.net/	1970-01-21 03:29:19	Name: IDE Value: AHWqTUlP3Ww735NZqYg3gsaQ4IXnK6X76jBz2_wxToz13eZl4pqqw9nuBgGucZrT
.casalemedia.com/	1970-01-21 02:53:19	Name: CMID Value: ZbyqN3wBc1t6GDVleKmKmgAA
.casalemedia.com/	1970-01-20 20:17:19	Name: CMPS Value: 2175
.casalemedia.com/	1970-01-20 20:17:19	Name: CMPRO Value: 2175
.doubleclick.net/	1970-01-20 22:26:55	Name: APC Value: AfxxVi7IKAWU68kqHdIWkcwkW80ny8EOR0kWzcbiO89vK9GMcXug2A
.doubleclick.net/	1970-01-20 22:26:55	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:43:43	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:17:19	Name: XANDR_PANID Value: RVNXaAATYbxIppimPTIG2nVvjAbx9bsQZxmD3q-NV6bRcP17XLO9l3hujfPHbqhm0iBucGM03N1uFYVt87R0PKv8aPfRh1TreMw1a9MY_Qg.
.adnxs.com/	1970-01-20 20:17:19	Name: uuid2 Value: 8062563336953792633
.adnxs.com/	1970-01-20 20:17:19	Name: anj Value: dTM7k!M41.D>6NRF']wIg2IlkeVIV*!]tbPl1M>e)ZlrFUfJ+tGXxoiCC56xD=MTLRmbkMaqn1BGLyu7Yvq`WXDY?B3If)y3KL9D3I?+wtg[5`
.doubleclick.net/	1970-01-20 18:50:55	Name: ar_debug Value: 1
.redintelligence.net/	1970-01-20 20:17:19	Name: 8lcfmzhxc8d6_uid Value: 1715b9e1fa479e68
.awin1.com/	1970-01-20 18:17:47	Name: awpv11601 Value: 113440\|1706863160\|8ee183e0-c1a6-11ee-a4ff-226608db104b
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 357526:3266505
.office-partner.de/	1970-01-21 03:43:43	Name: source Value: {"webgains_webgains":{"timestamp":1706863160153,"clickCookie":false}}

101 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4612162185209713&output=html&h=600&slotname=3225019129&adk=4081495040&adf=1200720800&pi=t.ma~as.3225019129&w=212&fwrn=4&fwrnh=100&lmt=1698915193&rafmt=1&format=212x600&url=https%3A%2F%2Fleekangw.github.io%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706863158802&bpp=7&bdt=135&idt=193&shv=r20240131&mjsv=m202401290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4106480496177&frm=20&pv=1&ga_vid=1863963592.1706863159&ga_sid=1706863159&ga_hid=838409285&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=24&ady=619&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C44809004%2C31080826%2C95322180%2C95323007&oid=2&pvsid=989059356523449&tmod=1338357150&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=201 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leekangw.github.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225(Line 1) Message: Failed to create WebGPU Context Provider
javascript	info	URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225(Line 1) Message: WebGPU is experimental on this platform. See https://github.com/gpuweb/gpuweb/wiki/Implementation-Status#implementation-status
rendering	warning	URL: https://js.ad-score.com/score.min.js?pid=1000940&tt=g&tid=15091&l1=224477&l2=DV360&l3=7879091&l4=4215661&l5=1&l6=1&utid=3950B146-F1DB-D80B-FB47-7EC55CDF0881&creative_type=display&adid=ftdiv7879091&pub_app=&pub_domain=https://leekangw.github.io/&uid=&cb=717345.0935146029&pub_ts=1706298880&445382225(Line 1) Message: Failed to create WebGPU Context Provider

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556952

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8019191.fls.doubleclick.net
ad-events.flashtalking.com
ad.doubleclick.net
ads.eu.criteo.com
adservice.google.com
adv.office-partner.de
agen-assets.ftstatic.com
ajs-assets.ftstatic.com
analytics.webgains.io
api.webgains.io
cat.nl3.eu.criteo.com
cdn.flashtalking.com
cdn.jsdelivr.net
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
csm.eu.criteo.net
data.ad-score.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900017.redintelligence.net
hits.seeyoufarm.com
ib.adnxs.com
imageproxy.eu.criteo.net
js.ad-score.com
leekangw.github.io
pagead2.googlesyndication.com
pv.medialead.de
region1.google-analytics.com
rtb.fr3.eu.criteo.com
secure-gl.imrworldwide.com
secure.flashtalking.com
servedby.flashtalking.com
stat.flashtalking.com
static.criteo.net
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.64.122.89
108.138.36.89
13.42.93.91
130.211.115.4
142.250.185.162
142.250.74.198
159.69.70.9
172.64.151.101
178.250.1.6
18.134.223.160
18.66.192.112
184.30.20.47
185.89.210.46
2.23.68.89
2001:4860:4802:32::15
2001:4860:4802:34::36
216.58.212.166
2600:9000:21f3:2400:1e:a43d:b640:93a1
2600:9000:26db:fe00:a:deb0:3380:93a1
2606:4700::6810:5514
2606:4700::6811:190e
2606:50c0:8002::153
2606:50c0:8003::153
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:d::c
2a0b:4d07:102::1
52.28.104.40
65.9.86.121
88.99.165.19
91.121.248.44
99.86.4.53
0019cbaf2375e8f7670fb6d051b6e0916d4dda6f880b0defe27c0e9c726830a0
00dc28d485859bcd4f5b8603b4055bdbc61dcdeab6f0803c146f0652c5cfbaa4
04a4ec051482dbeac84bf68c61fe3abc1cd91a21d49527e14521723bd7606d94
05093fc29b69f47176cef4de948ca4f1c22d7703b8ce2e20c2725cc2be62080d
05e6b3f7f19592b7d534d6a279441968d4a3c3936158bfe6fabf2c6e83a1b482
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bc7efc8c589298b44bb63c71158d9a15aa244ea977f90ecbceaa68c6601f565
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
15da40c58241aa0daac3f255e9b7dfe6d32b039a0082633acbd1f4f3d34eba50
1c114554be6ad3cf1b04d3d948d654b7b218e6d78e21319457b3a8c399738e46
1edb1725a9ea8ca4dcf2f5508cee183218aa1685e47c1b23056717f754f58ebf
2039c193b349c0e07b087aa646bc3649276328e7ca0d0f55d31e1f81ae707700
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
27a25a100d7b9cedebadc4ceff8931815c63ed3fbdae1fedb5ee732b35426b66
28300c650d86a63c22733cac8b4ce85bd62c3029620d11742c0b12a98b6bb04b
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
343b94e49200f7c2ae4af0f2c9f5cc183b241d40c6e0854dd98b1fa142883736
37de06284be4ec8026554c6a9290c5f36810c69a8627560e4888e7ece777eed0
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
3a4547a73a18ba8ce369686f89a6f2f5665a4982a43e2f28e1a77e785a7b46d4
3c5de2c62523733662f920172a718f1b897e63f4d4e134ab3cd61a748eb2a577
400962600289dfa6c481233b50fddbb2f6399b5d97af04a78dea1a8255954a5a
405ed26a3e42faec2b163b01c0b614c318138def8e32da3ad1b34bb76d0480eb
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43d02ecc1dc3e479fd2cdd8f80cc6ef491c250ce2a231e729f51b8c18c474093
49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98
4b465ae00631e3a4f982c468d31125847adbfa9d60199664707674c843631cac
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51ae59c971eca2205d71a2be11f639001985de4e384e3ed0f2f4691dde9f8e5f
5479c67bc793969961db0fba17823653327a1066e5f60f5d21c3a6dfd2f834ed
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b1fd0b474454744220b4442fc04b77cefda3c3f710f1435342104b376af8c8b
5e89733d8a8e055100cda68bf7a712ab0e1b24fefee7e39792b47cb5ff7c3cb1
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
689770f9f15ed9c68cfb8834c4473bb63cf8967ecd5b3b5930b6f4ff17ff5f4f
697dfbb2884084554b3ab679239b89d9a37d40d689dc87f7a30d2e561aa27519
69c8d4c643a915faa9f5e9fe490556f6f10edbc7487258080d20c8f14fb996d0
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7152a6933ee3d690ec2af3d09da9d701723d16aa3410a6d80f28ff8866f3b880
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
748332090c4b8e20f95d0ff59f0be20fa9c889359d3b36d4b886d73376054207
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7fb66b4c575f4c1982a17a9245b686cf88dbe622a0a5d825003f7c3323526a66
82d7825ef275364ecbdae85501a9266358bbf94e63292f664170e08416fa18c8
8842a8f110d5266ec17ed32c20d373c1d5eff7c7143d04e42359474bfd5f54b3
8bcbc76635e51eeeb80e2e6af0141b45c06f387985dd908dcd1297ebf88d57e8
8c424026592e2f97ca179d813a8dfbe76cd156827b0253fcd071fb57310b111b
8e7e5ea1b15f62ab14dbd41768e8fbcd21cc859a4ea5da812457ee714299fb35
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
97bf326860f50a3e48b937a395da44fb697f230259b45d63cca9dcd24fddb243
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03f17cc2800b943db9fc43b6922530bd460b6e0362ee23f087f8f5b13e528c9
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3dfc01bfefc0087efec74c8b50a7813e3c0a828d99867102d08a0afc8612fde
a4d94af534c700b4cc663a664528a8578fb4f73f09df71d98f331f70ae8f101b
a699e604953dd2364d7abdc86b2adfab434fdca98a7d7ae835eeb816ca3de7c0
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ace44b78e613a7199dfb108bc4b31f8d017c1053d469e231eab78eb60cb51b07
aee584e3d58344a41b190bb7b6e550f98ad3bb8e28fbc7ea6ddca22f0ef97183
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2f5d5a2bbe083f2ad74a879b856661e525450587347376f8acad794a037ed1d
b3139d14c8cf6af557105bb9de05f1243643e37a619d8765df798bbc1d87b955
b49dba856922c036fd7f3dec4a56709f09fcd3e3e84b42537b07341ff2333a05
bb32ef70baf6f49f09b1fe50f680f2217d8fc8021f2b91beaabb96f6d582c96b
bf5b911ce6645add415b3dbf40d50dc8cda426f38f5300525bf4793c4131b2c2
bf639b0ff22481edd684a047083c4644bb391c84ecb36f4b30f1f1b3a67f874d
bfbe88ff7cf1f6b7c145d30018e05b2154eec8b86d861fa185dea8bb88decb46
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c10dd93b243504178f88190062879206508d26bf637aae9244b394269dc620d4
c7a2c1b1744d858bd70fb8c11208340c7c528c8907a740fba42bcb8f226fb1df
c8ac0cec888fb8419bc7420359d82bc6e0de8f2accc8edec1ad701d7bbddc529
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cbbabf32ca01dbb0beda9a574acb9602fc4728afff9b9eb5a51aa92b0a889981
cf20741e17b5d52abda5610e0d3571ad6b7a4abf4416726506d3dca51bdaa517
d2ec07a6e77bc3abc56f801e141e9889c018ca8e96dfbe4042f49378699ee85f
d84037bada82c8af096c750483248eb827b621c42236f3b687cc07c2f93d6dbe
d965f3a9df7b66192bc96b3ff4aeb802189ac961c7710d33a00fec474a0335aa
db938f3269290d61b94f7587fec4c59f78eb287abc25814048db7f3a4915a0bd
dbcaaffb8316ec8f2e6ee6825a8bde4bfe9866993f5d6b30766ad0cb7f15146c
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7154c7021935bde1cf1ce1013fb4c50ea662ac7de5ec4b24512ca928f378cd5
e7773570573ca08c633a1a379230b59dcd189a2e606fb05854c7019e23bd8c47
e8bdac9dd8e8e67f3a3bbcc7e232a336f72ed4934f7bd619f4bbe8c5e041fec1
eb3a20dbc5fc3dc1a19b35700732b894289142501dd5bbc2cf1a85a8ce8a57b6
eb449938e7af7411dcd1c436fbc293b05a3be79cb2368c656523f6a61239ec3e
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2baf8efb893748538eecb70f10f23fdadb8408b0609bd7451c45b6c1e36cd4a
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fb522bbacefba728b5775d1f47bbe7f1e8d9522e8e95d4972664952ea3286291
fd8826f91fb323bf7b87cfd12679567bc1764700503b8cbebca918006642f2ff

leekangw.github.io Open in urlscan Pro 2606:50c0:8002::153 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

148 Requests

92 %HTTPS

53 %IPv6

27 Domains

44 Subdomains

43 IPs

6 Countries

2399 kBTransfer

5892 kBSize

18 Cookies

5 Outgoing links

Page URL History

Redirected requests

148 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

leekangw.github.io Open in urlscan Pro
2606:50c0:8002::153 Public Scan

Screenshot
Live screenshot

Full Image

148
Requests

92 %
HTTPS

53 %
IPv6

27
Domains

44
Subdomains

43
IPs

6
Countries

2399 kB
Transfer

5892 kB
Size

18
Cookies

148 HTTP transactions
6 data transactions